Lucene search

CiscoCISCO-SA-IOS-PROFINET-DOS-65QYG3W5

HistorySep 24, 2020 - 4:00 p.m.

Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability

2020-09-2416:00:00

tools.cisco.com

0.001 Low

EPSS

Percentile

25.2%

JSON

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5”]

A companion advisory for affected devices that support PROFINET is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB”].

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74268”].

Affected configurations

Vulners

Node

ciscoiosMatch15.2e

ciscoiosMatch15.2eb

ciscoiosMatch15.3jf

ciscoiosMatch12.2i

ciscoiosMatch15.3jk

ciscoiosMatchany

ciscorvs4000_softwareMatch3.9e

ciscorvs4000_softwareMatch3.10e

ciscorvs4000_softwareMatch3.11e

ciscorvs4000_softwareMatch17.1

ciscoiosMatch15.2\(5\)e2

ciscoiosMatch15.2\(6\)e

ciscoiosMatch15.2\(5\)e2b

ciscoiosMatch15.2\(5\)e2c

ciscoiosMatch15.2\(6\)e0a

ciscoiosMatch15.2\(6\)e1

ciscoiosMatch15.2\(6\)e0c

ciscoiosMatch15.2\(6\)e2

ciscoiosMatch15.2\(6\)e1a

ciscoiosMatch15.2\(6\)e1s

ciscoiosMatch15.2\(7\)e

ciscoiosMatch15.2\(6\)e2a

ciscoiosMatch15.2\(6\)e2b

ciscoiosMatch15.2\(7\)e1

ciscoiosMatch15.2\(7\)e0a

ciscoiosMatch15.2\(7\)e0b

ciscoiosMatch15.2\(7\)e0s

ciscoiosMatch15.2\(6\)e3

ciscoiosMatch15.2\(7a\)e0b

ciscoiosMatch15.2\(7\)e1a

ciscoiosMatch15.2\(6\)e4

ciscoiosMatch15.2\(6\)eb

ciscoiosMatch15.3\(3\)jf99

ciscoiosMatch12.2\(6\)i1

ciscoiosMatch15.3\(3\)jk99

ciscoiosMatchany

ciscorvs4000_softwareMatch3.9.2e

ciscorvs4000_softwareMatch3.9.2be

ciscorvs4000_softwareMatch3.10.0e

ciscorvs4000_softwareMatch3.10.1e

ciscorvs4000_softwareMatch3.10.0ce

ciscorvs4000_softwareMatch3.10.2e

ciscorvs4000_softwareMatch3.10.1ae

ciscorvs4000_softwareMatch3.10.1se

ciscorvs4000_softwareMatch3.10.3e

ciscorvs4000_softwareMatch3.11.0e

ciscorvs4000_softwareMatch3.11.1e

ciscorvs4000_softwareMatch3.11.1ae

ciscorvs4000_softwareMatch17.1.1

ciscorvs4000_softwareMatch17.1.1a

ciscorvs4000_softwareMatch17.1.1s

ciscorvs4000_softwareMatch17.1.1t

CPENameOperatorVersion
ioseq15.2E
ioseq15.2EB
ioseq15.3JF
ioseq12.2I
ioseq15.3JK
ioseqany
cisco ios xe softwareeq3.9E
cisco ios xe softwareeq3.10E
cisco ios xe softwareeq3.11E
cisco ios xe softwareeq17.1

Name	Operator	Version
ios	eq	15.2E
ios	eq	15.2EB
ios	eq	15.3JF
ios	eq	12.2I
ios	eq	15.3JK
ios	eq	any
cisco ios xe software	eq	3.9E
cisco ios xe software	eq	3.10E
cisco ios xe software	eq	3.11E
cisco ios xe software	eq	17.1