Vulnerability Exposes Cisco Enterprise Routers to Disruptive Attacks


This week, Cisco released updates for ASR 9000, ASR 9902, and ASR 9903 series corporate routers that address a high-severity denial-of-service (DoS) vulnerability in the IOS XR software. The platform’s bidirectional forwarding detection (BFD) hardware offload capability is affected by the vulnerability, which is logged as CVE-2023-20049 (CVSS score of 8.6) and can be exploited remotely and without authentication.

Malformed BFD packets are improperly handled on vulnerable devices with the BFD hardware offload functionality enabled, allowing an attacker to transmit forged IPv4 BFD packets to the preset IPv4 address and exploit the bug. In an advisory, Cisco warns that a successful exploit might allow the attacker to force line card exceptions or a hard reset, resulting in a loss of communication across that line card while the line card reloads.

Read More…