Warning Issued By Cisco Over IOS XR Zero-Day Flaw
Cisco has issued a warning about an actively exploited zero-day flaw in its router software. Hackers are exploiting the vulnerability, which allows a remote attacker to carry out attacks on the device’s memory. The flaw can be exploited by sending specially crafted Internet Group Management Protocol (IGMP) traffic to affected devices.
This type of denial-of-service attack aims to disrupt the router's interior and exterior routing protocols. A successful attack can exhaust device memory, resulting in instability and incorrect functioning of routing processes.
Cisco promised to release a fix that addresses the flaw. However, it did not commit to a date for making the fix available to the general public. The vulnerability has been rated ‘high’, with a Common Vulnerability Scoring System (CVSS) score of 8.6 out of 10. Cisco became aware of attempts by cybercriminals to exploit the flaw in late August.
The bug is being exploited on Cisco routers that run Internetwork Operating System (IOS) XR. The exact issue seems to stem from the Distance Vector Multicast Routing Protocol (DVMRP) software function, which makes it possible to disable the functionality of the router with IGMP messages. IGMP is used to efficiently manage video streams and gaming. The flaw lies in the way IOS XR processes these messages, which eventually leads to memory exhaustion in the router.
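For defenders who want visibility into the IGMP traffic described above, the following added example (not from Cisco or the original article) parses captured IPv4 packets and tallies IGMP messages per source and type, including the DVMRP type code. The type codes come from the IANA IGMP registry; the sample packets, the helper names and the threshold of 3 are constructed assumptions, and checksums are not validated.

```python
import struct
from collections import Counter

# IGMP message type codes (IANA IGMP Type Numbers registry).
IGMP_TYPES = {0x11: "membership-query", 0x12: "v1-report", 0x13: "dvmrp",
              0x16: "v2-report", 0x17: "leave-group", 0x22: "v3-report"}

def parse_igmp(packet: bytes):
    """Return (source_ip, igmp_type_name) for an IPv4 IGMP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # header length; options make it > 20
    if ihl < 20 or packet[9] != 2 or len(packet) < ihl + 8:
        return None                        # not IGMP (protocol 2) or truncated
    src = ".".join(str(b) for b in packet[12:16])
    msg_type = packet[ihl]
    return src, IGMP_TYPES.get(msg_type, f"unknown-0x{msg_type:02x}")

def tally(packets):
    """Count IGMP messages per (source, type) over one capture window."""
    return Counter(p for p in map(parse_igmp, packets) if p)

def noisy_sources(counts, threshold):
    """Sources whose total IGMP message count exceeds threshold (assumed value)."""
    per_src = Counter()
    for (src, _), n in counts.items():
        per_src[src] += n
    return sorted(s for s, n in per_src.items() if n > threshold)

def build_sample(src, igmp_type, options=b"", proto=2):
    """Constructed test packet: IPv4 header (+ options) and an 8-byte payload."""
    payload = bytes([igmp_type, 0, 0, 0]) + bytes(4)
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | (5 + len(options) // 4), 0,
                         20 + len(options) + len(payload), 0, 0, 1, proto, 0,
                         bytes(map(int, src.split("."))), bytes([224, 0, 0, 1]))
    return header + options + payload

# Constructed sample window; addresses are documentation ranges (RFC 5737).
ROUTER_ALERT = b"\x94\x04\x00\x00"
SAMPLE_PACKETS = ([build_sample("192.0.2.10", 0x13)] * 5
                  + [build_sample("198.51.100.7", 0x16, ROUTER_ALERT)]
                  + [build_sample("198.51.100.7", 0x11, proto=17)])

if __name__ == "__main__":
    counts = tally(SAMPLE_PACKETS)
    for (src, kind), n in sorted(counts.items()):
        print(f"{src:15} {kind:18} {n}")
    print("over threshold:", noisy_sources(counts, threshold=3))
```

In practice the packet list would come from a capture on the router-facing segment, and the threshold would be set from that network's normal IGMP baseline.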
Denial-of-service attacks are common among hackers who aim to disrupt normal operations as much as possible. Any flaw that can be exploited by cybercriminals will be exploited to create instances of direct virus infections or disruptions. Although Cisco will eventually release a fix, it can’t force its users to install it. That responsibility lies squarely with the users of Cisco products.