Cisco has released its biannual security advisory bundle for its IOS and IOS XE software. The update addresses 10 vulnerabilities, including six rated as high severity.
The most significant vulnerabilities include three security bugs that can be exploited remotely and by unauthenticated attackers, causing a denial-of-service (DoS condition.
One of these vulnerabilities, tracked as CVE-2023-20080, affects the IPv6 DHCP version 6 (DHCPv6) relay and server features of IOS and IOS XE software, and an attacker can send crafted DHCPv6 messages to an affected device and cause it to reload unexpectedly.
Another vulnerability, CVE-2023-20072, affects the fragmentation handling code of tunnel protocol packets and can be exploited by sending crafted fragmented packets to an affected system.
The third vulnerability, CVE-2023-20027, is an issue in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of IOS and IOS XE software and exists because large packets are not correctly reassembled when VFR is enabled.
The update also addresses a high-severity DoS flaw in the HTTP-based client profiling feature of IOS XE software for Wireless LAN controllers (WLCs).
This vulnerability, tracked as CVE-2023-20067, can be exploited by an adjacent attacker, without authentication, and can cause CPU utilization to increase, resulting in a DoS condition on an affected device and causing new wireless client associations to fail.
Cisco has also addressed other vulnerabilities, including an insufficient input validation in the CLI of IOS XE SD-WAN software, which could allow an authenticated attacker to execute commands on the operating system with root-level privileges. The update includes patches for medium-severity DoS, path traversal, and privilege escalation vulnerabilities.
Cisco has released patches for three other high-severity flaws, including a secure boot issue in Catalyst 9300 series switches, a privilege escalation bug in DNA Center, and a DoS vulnerability in access point (AP) software.
Cisco says it is not aware of any of these flaws being exploited in malicious attacks.
However, users are advised to update their systems to the latest software versions to protect against potential attacks. More information on the resolved vulnerabilities can be found on Cisco’s product security page.
