CVE-2020-3569 - Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Project:Cisco
Product:IOS XR
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Description
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-3569