Egg on Cisco's face: Three critical software bugs to fix over Easter
Pick your poison in IOS and IOS XE: denial-of-service or remote code execution?
Cisco's ruined Easter for netadmins by revealing three critical-rated flaws, with fixes landing today.
CVE-2018-151 is a bounds-checking error in IOS/IOS XE's quality-of-service subsystem, and can be attacked using malicious packets to UDP port 18999. A successful attack triggers a buffer overrun, either causing a denial-of-service (DoS) or remote code execution (RCE).
If you can't patch immediately, block traffic to UDP 18999.
CVE-2018-0171 is a bug in IOS/IOS XE's Smart Install feature: a malicious message to TCP port 4786 on a client device can trigger DoS or RCE conditions.
Smart install is designed to simplify configuration of devices destined for the branch office: the sysadmin can ship a new device to a site, and it fetches configuration data when it's first powered up.
Critical bug number three, CVE-2018-0150, affects only IOS XE: it's a static credential that's left over from installation.
As well as the three critical bugs, Cisco's March 2018 IOS/IOS XE bundled security publication has another 19 bugs rated as high impact. Happy Easter! ®