⚠ Actively exploited

Added to CISA KEV on 2022-03-03. Federal agencies required to patch by 2022-03-24. Required action: Apply updates per vendor instructions..

CVE-2017-12235 — Improper Input Validation in Cisco IOS

CWE-20 — Improper Input Validation6 documents6 sources

Severity

7.5HIGHNVD

EPSS

4.9%

top 10.37%

CISA KEV

KEV

Added 2022-03-03

Due 2022-03-24

Exploit

Exploited in wild

Active exploitation observed

Affected products

Cisco IOS Cisco IOS

Timeline

PublishedSep 29

KEV addedMar 3

KEV dueMar 24

Latest updateMay 13

CISA Required Action: Apply updates per vendor instructions.

Description

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affe…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDcisco/ios12.2 — 15.6

▶CVEListV5cisco/cisco_iosCisco IOS

🔴Vulnerability Details

GHSA

GHSA-83w7-v79x-495q: A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12↗2022-05-13

▶

CVEList

CVE-2017-12235: A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12↗2017-09-28

▶

VulnCheck

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability↗2017

▶

📋Vendor Advisories

CISA

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability↗2022-03-03

▶

Cisco

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability↗2017-09-27

▶