A Denial-of-Service (DoS) vulnerability has been discovered in the Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects that could allow an authenticated, remote attacker to cause a denial-of-service condition on any affected device.
Due to improper handling, this specific flaw exists in SNMP (Simple Network Management Protocol) requests.
A threat actor can exploit this vulnerability by sending a crafted SNMP request to a vulnerable device, causing this DoS condition. Successful exploitation causes the vulnerable device to reload, making the service unavailable.
However, there are prerequisites for an attacker to exploit this vulnerability on the SNMPv2c or earlier.
An attacker requires information about the “SNMP community string” that consists of a user ID or password for accessing the router’s statistics.
In addition, to exploit this vulnerability on the SNMPv3, the attacker requires valid credentials for an SNMP user configured on the affected device.
The CVE ID for this vulnerability has been given as CVE-2023-20200 and has a severity of 7.7 (High).
Furthermore, Cisco has released a security advisory for this vulnerability, including a list of vulnerable and non-vulnerable products.
Cisco confirmed that Cisco FXOS software releases 2.4.1 and later is not vulnerable to this DoS attack. Cisco has also provided steps to find the status of the SNMP of the device.
The Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects products of Cisco have SNMP enabled by default in vulnerable versions. However, current releases have SNMP disabled by default.
No workarounds have been found for this vulnerability, as mentioned by Cisco, and also released a software check feature on their security advisory, which users can use to detect if their version of the product is vulnerable to exploitation.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
Cybersecurity in mergers and acquisitions is crucial, as M&A activities represent key inflection points for…
In 2025, cybersecurity trends for CISOs will reflect a landscape that is more dynamic and…
Zero-trust architecture has become essential for securing operations in today’s hyper-connected world, where corporate network…
The Chrome team has officially promoted Chrome 136 to the stable channel for Windows, Mac,…
By fusing agentic AI and contextual threat intelligence, SecAI transforms investigation from a bottleneck into…
According to IBM Security annual research, "Cost of a Data Breach Report 2024", an average…