CVE-2017-12240 - Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
Project:Cisco
Product:IOS and IOS XE Software
Date Added:2022-03-03Due Date:2022-03-24
Vulnerability Name
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
Description
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-12240