Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers
Cisco
fixed
a
high-severity
DoS
vulnerability
(CVE-2023-20049)
in
IOS
XR
software
that
impacts
several
enterprise
routers.
Cisco
has
released
security
updates
to
address
a
high-severity
DoS
vulnerability,
tracked
as
CVE-2023-20049
(CVSS
score
of
8.6),
in
IOS
XR
software
used
by
several
enterprise-grade
routers.
The
vulnerability
resides
in
the
bidirectional
forwarding
detection
(BFD)
hardware
offload
feature
of
Cisco
IOS
XR
Software
for
Cisco
ASR
9000
Series
Aggregation
Services
Routers,
ASR
9902
Compact
High-Performance
Routers,
and
ASR
9903
Compact
High-Performance
Routers.
An
unauthenticated,
remote
attacker
can
trigger
the
flaw
to
cause
a
line
card
to
reset,
resulting
in
a
denial
of
service
(DoS)
condition.
An
attacker
can
trigger
the
CVE-2023-20049
vulnerability
by
sending
a
crafted
IPv4
BFD
packet
to
a
vulnerable
device.
“This
vulnerability
is
due
to
the
incorrect
handling
of
malformed
BFD
packets
that
are
received
on
line
cards
where
the
BFD
hardware
offload
feature
is
enabled.”
reads
the
advisory
published
by
the
vendor.
“.
A
successful
exploit
could
allow
the
attacker
to
cause
line
card
exceptions
or
a
hard
reset,
resulting
in
loss
of
traffic
over
that
line
card
while
the
line
card
reloads.”
This
flaw
affects
Cisco
routers
running
a
vulnerable
release
of
Cisco
IOS
XR
64-bit
Software
and
have
BFD
hardware
offload
enabled
for
any
of
the
installed
line
cards:
-
ASR
9000
Series
Aggregation
Services
Routers
only
if
they
have
a
Lightspeed
or
Lightspeed-Plus-based
line
card
installed -
ASR
9902
Compact
High-Performance
Routers -
ASR
9903
Compact
High-Performance
Routers
The
company
pointed
out
that
this
vulnerability
does
not
affect
the
following
Cisco
products:
-
IOS
Software -
IOS
XE
Software -
IOS
XR
Platforms
not
listed
in
the Vulnerable
Products section
of
this
advisory
As
a
workaround,
Cisco
recommends
disabling
the
BFD
hardware
offload
and
creating
Infrastructure
Access
Control
lists.
The
IT
giant
addressed
the
issue
with
the
release
of
IOS
XR
versions
7.5.3,
7.6.2,
and
7.7.1.
Follow
me
on
Twitter:
@securityaffairs
and
Facebook
and
Mastodon
(SecurityAffairs –
hacking,
routers)