Cisco addresses critical vulnerabilities that allow privilege escalation and denial of service.

Cisco this week addressed high-severity privilege escalation and denial of service (DoS) vulnerabilities in IOS XR software. The fixes cover several vulnerabilities in IOS XR, including three high-severity vulnerabilities that can be exploited to escalate privileges and trigger a DoS condition.
Vulnerability CVE-2024-20320
CVE-2024-20320 is an SSH privilege escalation vulnerability in Cisco IOS XR software for Cisco 8000 series routers and Cisco Network Convergence System (NCS) 540 and 5700 series routers. An authenticated local attacker could exploit this vulnerability to escalate privileges on the exposed device. "This vulnerability is caused by insufficient validation of the arguments included in the SSH client CLI command. An attacker with low-level access to the exposed device could exploit this vulnerability by executing a crafted SSH client command in the CLI. A successful attack could allow the attacker to escalate privileges to root on the exposed device," the post reads.
The second high-risk vulnerability
The second high-severity vulnerability addressed by the company is tracked as CVE-2024-20318 and is located in the Layer 2 Ethernet services of Cisco IOS XR software. An unauthenticated adjacent attacker can trigger a fault that resets line card network processing, causing a denial of service (DoS) condition. "This vulnerability is related to improper processing of specific Ethernet frames that arrive on line cards with Layer 2 services enabled.
The third high-risk vulnerability
The third high-severity vulnerability, tracked as CVE-2024-20327, is a DoS vulnerability in the PPP over Ethernet (PPPoE) termination feature of ASR 9000 series routers. An unauthenticated adjacent attacker can trigger an error that causes the ppp_ma process to crash, resulting in a denial of service (DoS) condition. "This vulnerability is related to the mishandling of malformed PPPoE packets received on a router running the Broadband Network Gateway (BNG) feature with Lightspeed or Lightspeed-Plus line card-based PPPoE termination. An attacker could exploit this vulnerability by sending a crafted PPPoE packet to the exposed line card interface that does not complete PPPoE. A successful attack could allow the attacker to cause the ppp_ma process to crash, resulting in a DoS condition for PPPoE traffic through the router," the post reads.
The Cisco PSIRT is not aware of any exploitation of the above vulnerabilities in the wild.
Pierluigi Paganini (SecurityAffairs - hacking, DoS)