Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-20049 CVSS:8.6

Cisco IOS XR Software for ASR 9000 Series Routers are vulnerable to a denial of service, caused by incorrect handling of malformed BFD packets. By sending a specially crafted IPv4 BFD packet, a remote attacker could exploit this vulnerability to cause line card exceptions or a hard reset, and results in a denial of service condition.

CVE-2023-20064 CVSS:4.6

Cisco IOS XR Software could allow a physical attacker to obtain sensitive information, caused by the inclusion of unnecessary commands within the GRUB environment. By sending a specially crafted request using the GRUB bootloader command line, an attacker could exploit this vulnerability to view sensitive files on the console, and use this information to launch further attacks against the affected system.

Impact

• Denial of Service
• Information Disclosure

Indicators Of Compromise

CVE

• CVE-2023-20049
• CVE-2023-20064

Affected Vendors

Cisco

Affected Products

• Cisco ASR 9000 Series Aggregation Services Routers
• Cisco ASR 9902 Compact High-Performance Routers
• Cisco ASR 9903 Compact High-Performance Routers
• Cisco IOS XRv 9000 Router
• Cisco Network Convergence System (NCS) 540 Series Routers
• Cisco Network Convergence System (NCS) 560 Series Routers
• Cisco Network Convergence System (NCS) 5000 Series Routers
• Cisco Network Convergence System (NCS) 5500 Series Routers
• Cisco Network Convergence System (NCS) 6000 Series Routers
• Cisco IOS XR White box

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

CVE-2023-20049

CVE-2023-20064