Cisco fixes 29 High risk security bugs in Cisco IOS and IOS XE software, Aironet and other network products


Cisco has patched 26 High severity Cisco IOS and IOS XE software vulnerabilities for multiple network products. The company also patched one Catalyst 9200 switch vulnerability and two Cisco Aironet Access Point security bugs.

Some of these vulnerabilities could allow a remote attacker to take control of an affected device or cause a denial of service (DoS) condition.

Cisco IOS and IOS XE software

In all, Cisco patched 26 High severity Cisco IOS and IOS XE software vulnerabilities that affect a wide range of network products.

Here is a summary of the High severity issues patched by Cisco on September 24:

| Vulnerability Description | CVE |
|---|---|
| Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities | CVE-2020-3421, CVE-2020-3480 |
| Cisco IOS XE Software Arbitrary Code Execution Vulnerability | CVE-2020-3417 |
| Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WPA Denial of Service Vulnerability | CVE-2020-3429 |
| Cisco IOS XE Software Web UI Authorization Bypass Vulnerability | CVE-2020-3400 |
| Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability | CVE-2020-3408 |
| Cisco IOS XE ROM Monitor Software Vulnerability | CVE-2020-3524 |
| Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability | CVE-2020-3409 |
| Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability | CVE-2020-3359 |
| Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability | CVE-2020-3465 |
| Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability | CVE-2020-3422 |
| Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability | CVE-2020-3492 |
| Cisco IOS XE Software for Catalyst 9200 Series Switches Umbrella Connector Denial of Service Vulnerability | CVE-2020-3510 |
| Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities | CVE-2020-3416, CVE-2020-3513 |
| Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability | CVE-2020-3511 |
| Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability | CVE-2020-3390 |
| Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability | CVE-2020-3509 |
| Cisco IOS XE Software Privilege Escalation Vulnerabilities | CVE-2020-3141, CVE-2020-3425 |
| Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability | CVE-2020-3512 |
| Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability | CVE-2020-3426 |
| Cisco IOS XE Software for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor IP ARP Denial of Service Vulnerability | CVE-2020-3508 |
| Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability | CVE-2020-3428 |
| Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability | CVE-2020-3407 |
| Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities | CVE-2020-3486, CVE-2020-3487, CVE-2020-3488 |
| Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability | CVE-2020-3399 |
| Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability | CVE-2020-3414 |
| Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability | CVE-2020-3526 |

Aironet Access Points

Cisco also patched two Aironet Access Point vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Those Aironet DoS vulnerabilities include:

| Vulnerability Description | CVE |
|---|---|
| Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability | CVE-2020-3552 |
| Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability | CVE-2020-3560 |

The Aironet Ethernet wired-client DoS vulnerability, CVE-2020-3552, affects Aironet 1540, 1560, 1810, 1815, 1840, 1850, 2800 and 3800 Series APs that provide network access to wired clients and are also configured for 802.1Q tagging.

For the second Aironet vulnerability, the UDP flooding DoS issue CVE-2020-3560, Cisco warns that “a successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition.”

Other Vulnerabilities

Cisco also patched one Cisco Catalyst 9200 switch vulnerability that could allow an unauthenticated, remote attacker to crash the device:

| Vulnerability Description | CVE |
|---|---|
| Cisco Catalyst 9200 Series Switches Jumbo Frame Denial of Service Vulnerability | CVE-2020-3527 |

Finally, Cisco also patched 13 Medium severity vulnerabilities in IOS, IOS XE and Aironet software across multiple network products.

Check out the latest Cisco advisories as of September 24, 2020. System and network administrators should deploy the security updates to affected devices as soon as possible.
