Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

08/31/2020 06:59 PM EDT
Original release date: August 31, 2020
Cisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and take the following actions.

  • Implement the recommended mitigations.
  • Search for indicators of compromise.
  • Apply the necessary update, when available.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: