Attacks have been found actively targeting CVE-2020-3118, a high-severity vulnerability affecting multiple carrier-grade routers that run Cisco IOS XR Software. The IOS XR network OS is deployed on several Cisco router platforms, including the NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers. The vulnerability impacts third-party white box routers and the following Cisco products if they run a vulnerable Cisco IOS XR Software version and have the Cisco Discovery Protocol (CDP) enabled both globally and on at least one interface:
Attempted exploitation of this vulnerability in the wild has been reported. Cisco recommends that customers upgrade to a fixed Cisco IOS XR Software release to remediate this vulnerability. Successful exploitation could allow an attacker to trigger a stack overflow, which could lead to arbitrary code execution with administrative privileges on the targeted device.
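The exposure condition described above (CDP enabled both globally and on at least one interface) can be checked offline against a saved running configuration. The following is an added example, not Cisco tooling or code from the original page; it assumes the IOS XR layout in which a top-level `cdp` line enables CDP globally and an indented `cdp` line inside an `interface` stanza enables it on that interface. The function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample in IOS XR running-config layout (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
cdp
interface GigabitEthernet0/0/0/0
 description uplink
 cdp
 ipv4 address 192.0.2.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
 shutdown
!
interface MgmtEth0/RP0/CPU0/0
 cdp
!
end
"""

def audit_cdp(config_text):
    """Return (global_enabled, [interfaces with CDP enabled])."""
    global_enabled = False
    cdp_interfaces = []
    current_if = None  # name of the interface stanza being read, if any
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        stripped = line.strip()
        if not line[0].isspace():
            # A top-level line ends any previous stanza.
            m = re.match(r"interface\s+(\S+)$", stripped)
            current_if = m.group(1) if m else None
            if stripped == "cdp":
                global_enabled = True
        elif current_if and stripped == "cdp":
            cdp_interfaces.append(current_if)
    return global_enabled, cdp_interfaces

def is_exposed(config_text):
    """True only when both conditions named in the advisory text hold."""
    global_enabled, cdp_interfaces = audit_cdp(config_text)
    return global_enabled and bool(cdp_interfaces)

if __name__ == "__main__":
    print(audit_cdp(SAMPLE_CONFIG), is_exposed(SAMPLE_CONFIG))
```

A match only shows that the CDP precondition is met; whether the device is vulnerable still depends on the installed IOS XR release.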
The current status of fixed releases is shown in the table below (more information on available software maintenance upgrades can be found here).