SB2020020712 - Format string error in Cisco Discovery Protocol for Cisco IOS XR

Description

This security bulletin contains information about 1 security vulnerability.

1) Format string error (CVE-ID: CVE-2020-3118)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper validation of string input from certain fields in the Cisco Discovery Protocol implementation for Cisco IOS XR Software. A remote attacker on the local network can supply a specially crafted input that contains format string specifiers, cause a stack overflow and execute arbitrary code with administrative privileges on an affected device.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce