Cisco warned users that the hackers actively exploited a bug in carrier-grade-routers, and it was a zero-day vulnerability affecting the Internetwork Operating System (IOS) that boats with its networking devices.
The security experts termed the vulnerability as CVE-2020-3566, and it affects the Distance Vector Multicast Routing Protocol (DVMRP) feature of its operating system.
Cisco’s IOS XR Network OS is disposed of various router programs, which include NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers. And till now, Cisco hasn’t issued any software update for this vulnerability.
These vulnerabilities attack any Cisco device that is operating any release of Cisco IOS XR Software if an effective interface is configured under multicast routing
The security experts of Cisco said that they had discovered this attack during an investigation. On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became acquainted of ventured exploitation of this vulnerability.
Apart from this, the company asserted that currently, it’s working on generating software updates for IOS XR, and it will take time to release the update.
An administrator can conclude whether multicast routing is allowed on a device by advertising the show igmp interface call.
RP/0/0/CPU0:router# show igmp interface
In this case, an administrator can conclude whether the device is getting DVMRP traffic by publishing the show igmp traffic command.
RP/0/0/CPU0:router#show igmp traffic
The company has issued some mitigations that are to be followed by the users until the company releases a software update, and here are they:-
Moreover, the security experts affirmed that it is still unclear how attackers are exercising this bug in the grand plan of things. They might be utilizing it to impact other methods on the router, like security mechanisms, and obtain access to the device.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual Composer…
Cybercriminals are increasingly targeting IT administrators through sophisticated Search Engine Optimization (SEO) poisoning techniques. By…
Cybersecurity researchers are raising the alarm about a newly discovered commodity ransomware strain dubbed Mamona, which…
A seemingly innocuous Python package named ‘discordpydebug’ surfaced on the Python Package Index (PyPI) under…
An advanced supply chain attack has targeted the well-known npm package rand-user-agent, which receives about…
Threat actors have begun exploiting multimedia systems as a pivotal component of their voice phishing…