6 matches found
Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers
Cisco Systems says hackers are actively exploiting previously unpatched vulnerabilities in its carrier-grade routers that could allow adversaries to crash or severely disrupt devices. The vulnerabilities exist in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR Softwar...
Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP...
Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP...
CVE-2020-3566
creationtimestamp| type| source ---|---|--- 2020-08-31 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=507 2020-08-31 12:08:04+00:00| seen| https://t.me/icscert/337 2020-08-31 16:28:28+00:00| exploited| https://t.me/informationsecuritychannel/40069 2020-08-31 17:21:12+00:0...
CVE-2020-3566
CVE-2020-3566 affects Cisco IOS XR Software, exploiting the DVMRP feature via crafted IGMP traffic to exhaust device memory and disrupt processes. Root cause is insufficient IGMP queue management within DVMRP, potentially impacting interior/exterior routing protocols and causing instability. Mult...
CVE-2020-3566 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
A vulnerability in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protoco...