Cisco 3-hole vulnerability in IOS

Cisco has released an update to block three security flaws arising in IOS - the operating system that controls the device switches and routers.

According to Cisco's warning message, the most dangerous security flaw of the flaw was the buffer overflow error and allowed hackers to execute malicious code on the device.

Hackers can exploit this error by sending specially programmed packets through Internet Control Message Protocol (ICMP), Protocol Independent Multicast version 2 (PIMv2), Pragmatic General Multicast (PGM) or Rendezvous URL Directory (URD) ​​to faulty device.

Every device running Cisco IOS or Cisco IOS XR version has these security errors. However, only devices that are configured to handle IPv4 packets can be hacked.

Devices running IPv6 are completely harmless. But these devices suffer from each other security flaw that can be exploited by hackers to make the router stop working, causing a denial of service. This is also a necessary condition for hackers to remotely execute malicious code on the device.

Chris Labatt-Simon - Chairman and CEO of D&D Consulting, a provider of network solutions - assessing the new IPv6 error is really a dangerous error because it exists on almost every IOS version and is very vulnerable to exploitation. .

The third security error fixed in this batch is an error in the TCP signal receiver on some IOS versions. This error can be exploited by hackers to organize denial-of-service attacks on the device.

Customers are advised to quickly download and install patches as soon as possible.

Hoang Dung