JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Cisco released security patches for High-Severity flaws in IOS XR software

Cisco fixed multiple high-severity flaws in the IOS XR software that can allow attackers to trigger a DoS condition, elevate privileges, overwrite/read arbitrary files. Cisco released security updates to address multiple high-severity vulnerabilities in the IOS XR software that can be exploited to conduct multiple malicious activities, such as rebooting devices and elevate privileges. The […]

Cisco Catalyst

Cisco fixed multiple high-severity flaws in the IOS XR software that can allow attackers to trigger a DoS condition, elevate privileges, overwrite/read arbitrary files.

Cisco released security updates to address multiple high-severity vulnerabilities in the IOS XR software that can be exploited to conduct multiple malicious activities, such as rebooting devices and elevate privileges.

The most severe of these vulnerabilities is a DoS issue tracked as CVE-2021-34720 (CVSS score 8.6). A remote, unauthenticated attacker can exploit this bug to exhaust the device packet memory and trigger a DoS condition.

The flaw resides in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) implemented in the Cisco IOS XR Software. An attacker can trigger the flaw by sending specific IP SLA or TWAMP packets to an affected device.

“A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition.” reads the advisory. “This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.”

Another severe bug addressed by Cisco is an IOS XR Software Arbitrary File Read and Write vulnerability tracked as CVE-2021-34718 (CVSS 8.1). The flaw resides in the SSH Server process of Cisco IOS XR Software, it can allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device.

“This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.” reads the advisory.

Cisco also patched two other high severity privilege escalation bugs, respectively tracked as CVE-2021-34719 and CVE-2021-34728, and a denial of service issue tracked as CVE-2021-34713 that impactes ASR 9000 routers family.

The IT giant also fixed seven medium severity flaws in IOS XR software.

Cisco is not aware of attacks in the wild exploiting the above issues.

US CISA also published an advisory urging organizations to apply the security patches as soon as possible.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Cisco IOS XR)

[adrotate banner=”5″]

[adrotate banner=”13″]