Security updates: Cisco switches are vulnerable to DoS attacks

Important security updates have been released for various products from network equipment manufacturer Cisco.

Stylized image: A stack of burning Cisco appliances

Vulnerabilities threaten Cisco devices.

(Image: created with AI in Bing Designer by heise online / dmk)


Due to several software vulnerabilities in the NX-OS network operating system, certain Cisco switches are vulnerable. Attacks on Application Policy Infrastructure Controllers are also conceivable. Security patches provide a remedy.

Because the DHCPv6 relay agent in NX-OS incorrectly processes input in certain fields, attackers can use crafted messages to exploit a security vulnerability (CVE-2024-20446, "high"). If such an attack succeeds, the dhcp_snoop process crashes and restarts several times.

Cisco states that only switches from the Nexus 3000, 7000 and 9000 series are affected if NX-OS version 8.2(11), 9.3(9) or 10.2(1) is installed. In addition, the DHCPv6 relay agent must be activated in conjunction with at least one IPv6 address.

To find out which NX-OS release is protected against this attack, admins must use Cisco's Software Checker in the advisory linked below this article.
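The exposure conditions listed above can be checked against saved device output. The following is an added example, not Cisco's or heise's code: the sample text is constructed, and the layout of the `show version` lines and the global `ipv6 dhcp relay` config line are assumptions about what the device prints.

```python
import re

# From the article: affected series and NX-OS releases for CVE-2024-20446.
AFFECTED_SERIES = {"3000", "7000", "9000"}
AFFECTED_RELEASES = {"8.2(11)", "9.3(9)", "10.2(1)"}

# Constructed sample input, not captured from a real device.
SAMPLE_VERSION = """\
Software
  NXOS: version 9.3(9)
Hardware
  cisco Nexus9000 C93180YC-EX Chassis
"""
SAMPLE_CONFIG = """\
feature dhcp
ipv6 dhcp relay
interface Ethernet1/1
  ipv6 address 2001:db8:0:1::1/64
  ipv6 dhcp relay address 2001:db8:0:2::10
"""

def nxos_release(show_version):
    """Release string from the 'NXOS:' or 'system:' version line, else None."""
    m = re.search(r"^[ \t]*(?:NXOS|system):\s+version\s+(\S+)", show_version, re.M | re.I)
    return m.group(1) if m else None

def nexus_series(show_version):
    """Series ('3000', '7000', ...) from the 'cisco Nexus...' chassis line."""
    m = re.search(r"cisco\s+Nexus\s*(\d)\d{3}", show_version, re.I)
    return m.group(1) + "000" if m else None

def dhcpv6_relay_enabled(config):
    # Assumption: the agent shows up as an unindented 'ipv6 dhcp relay' line;
    # 'no ipv6 dhcp relay' and per-interface relay addresses do not match.
    return bool(re.search(r"^ipv6 dhcp relay[ \t]*$", config, re.M))

def has_ipv6_address(config):
    # Any interface-level 'ipv6 address <addr>' line counts.
    return bool(re.search(r"^[ \t]+ipv6 address \S+", config, re.M))

def triage(show_version, config):
    """Return (exposed, per-condition results) for the article's four conditions."""
    checks = {
        "series": nexus_series(show_version) in AFFECTED_SERIES,
        "release": nxos_release(show_version) in AFFECTED_RELEASES,
        "dhcpv6_relay": dhcpv6_relay_enabled(config),
        "ipv6_address": has_ipv6_address(config),
    }
    return all(checks.values()), checks

if __name__ == "__main__":
    print(triage(SAMPLE_VERSION, SAMPLE_CONFIG))
```

A positive result only means the four conditions named in the article are met; which release contains the fix still has to be looked up in Cisco's Software Checker.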

The developers have closed further gaps in NX-OS. Among other things, attackers can obtain root privileges (CVE-2024-20411, "medium"). To do this, however, they must have local access to the bash shell. If this is the case, attackers can also elevate their privileges to network admin (CVE-2024-20413, "medium").

Remote attacks on Application Policy Infrastructure Controllers are also possible. Here, a remote authenticated attacker can install software images containing malicious code (CVE-2024-20478, "medium").

List sorted by threat level in descending order:

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.