A Vulnerability with Cisco Small Business, Smart, and Managed Switches Could Allow for Denial of Service

MS-ISAC ADVISORY NUMBER:

2020-119

DATE(S) ISSUED:

08/20/2020

OVERVIEW:

A vulnerability has been discovered in Cisco Small Business, Smart, and Managed Switches, which could allow for a denial-of-service condition. These switches are designed with easy-to-use web management interfaces and a flexible plug-and-play design. Successful exploitation of this vulnerability could allow an attacker to cause the switch's management CLI to stop responding.

THREAT INTELLIGENCE:

There are no reports of the vulnerability being exploited in the wild.

SYSTEMS AFFECTED:

  • Cisco 250 Series Smart Switches
  • Cisco 350 Series Managed Switches
  • Cisco 350X Series Stackable Managed Switches
  • Cisco 550X Series Stackable Managed Switches
  • Cisco Small Business 200 Series Smart Switches
  • Cisco Small Business 300 Series Managed Switches
  • Cisco Small Business 500 Series Stackable Managed Switches

RISK:

Government:
  • Large and medium government entities: HIGH
  • Small government entities: HIGH
Businesses:
  • Large and medium business entities: HIGH
  • Small business entities: HIGH
Home Users: LOW

TECHNICAL SUMMARY:

A vulnerability has been discovered in Cisco Small Business, Smart, and Managed Switches, which could allow for a denial-of-service condition when the switch processes a specially crafted IPv6 address. The vulnerability occurs due to insufficient validation of incoming IPv6 traffic. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. The vulnerability does not affect IPv4 traffic, and there is no workaround for the vulnerability. Successful exploitation of this vulnerability could allow an attacker to cause the switch's management CLI to stop responding.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate patches provided by Cisco to vulnerable devices immediately after appropriate testing.
  • Deploy network intrusion detection systems to monitor network traffic to affected devices.
