Lucene search

CiscoCISCO-SA-PROFINET-J9QMCHPB

HistorySep 24, 2020 - 4:00 p.m.

Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability

2020-09-2416:00:00

tools.cisco.com

cisco

profinet

denial of service

EPSS

0.001

Percentile

23.3%

JSON

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device.

The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB”]

A companion advisory for affected devices that support PROFINET is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5”].

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74268”].

Affected configurations

Vulners

Node

ciscoiosMatch12.2se

ciscoiosMatch12.2ez

ciscoiosMatch15.0ey

ciscoiosMatch15.0se

ciscoiosMatch15.0sg

ciscoiosMatch15.0ex

ciscoiosMatch15.0ea

ciscoiosMatch15.2e

ciscoiosMatch15.2ey

ciscoiosMatch15.2eb

ciscoiosMatch15.2ea

ciscoiosMatch15.3jaa

ciscoiosMatch15.2ec

ciscocisco_ios_xe_softwareMatch16.9

ciscocisco_ios_xe_softwareMatch16.10

ciscocisco_ios_xe_softwareMatch16.11

ciscocisco_ios_xe_softwareMatch16.12

ciscocisco_ios_xe_softwareMatch17.1

ciscoiosMatch12.2\(55\)se

ciscoiosMatch12.2\(55\)se3

ciscoiosMatch12.2\(52\)se

ciscoiosMatch12.2\(58\)se

ciscoiosMatch12.2\(52\)se1

ciscoiosMatch12.2\(58\)se1

ciscoiosMatch12.2\(55\)se4

ciscoiosMatch12.2\(58\)se2

ciscoiosMatch12.2\(55\)se5

ciscoiosMatch12.2\(55\)se6

ciscoiosMatch12.2\(55\)se7

ciscoiosMatch12.2\(55\)se9

ciscoiosMatch12.2\(55\)se10

ciscoiosMatch12.2\(55\)se11

ciscoiosMatch12.2\(55\)se12

ciscoiosMatch12.2\(55\)se13

ciscoiosMatch12.2\(60\)ez16

ciscoiosMatch15.0\(1\)ey

ciscoiosMatch15.0\(1\)ey2

ciscoiosMatch15.0\(2\)ey

ciscoiosMatch15.0\(2\)ey1

ciscoiosMatch15.0\(2\)ey2

ciscoiosMatch15.0\(2\)ey3

ciscoiosMatch15.0\(2\)se

ciscoiosMatch15.0\(2\)se1

ciscoiosMatch15.0\(2\)se2

ciscoiosMatch15.0\(2\)se3

ciscoiosMatch15.0\(2\)se4

ciscoiosMatch15.0\(2\)se5

ciscoiosMatch15.0\(2\)se6

ciscoiosMatch15.0\(2\)se7

ciscoiosMatch15.0\(2\)se8

ciscoiosMatch15.0\(2\)se9

ciscoiosMatch15.0\(2\)se10

ciscoiosMatch15.0\(2\)se11

ciscoiosMatch15.0\(2\)se10a

ciscoiosMatch15.0\(2\)se12

ciscoiosMatch15.0\(2\)sg11a

ciscoiosMatch15.0\(2\)ex2

ciscoiosMatch15.0\(2\)ex8

ciscoiosMatch15.0\(2\)ea

ciscoiosMatch15.0\(2\)ea1

ciscoiosMatch15.2\(2\)e

ciscoiosMatch15.2\(2\)e1

ciscoiosMatch15.2\(2b\)e

ciscoiosMatch15.2\(3\)e1

ciscoiosMatch15.2\(2\)e2

ciscoiosMatch15.2\(2\)e3

ciscoiosMatch15.2\(3\)e2

ciscoiosMatch15.2\(3\)e3

ciscoiosMatch15.2\(2\)e4

ciscoiosMatch15.2\(2\)e5

ciscoiosMatch15.2\(3\)e4

ciscoiosMatch15.2\(5\)e

ciscoiosMatch15.2\(2\)e6

ciscoiosMatch15.2\(5\)e1

ciscoiosMatch15.2\(2\)e5a

ciscoiosMatch15.2\(2\)e5b

ciscoiosMatch15.2\(5a\)e1

ciscoiosMatch15.2\(2\)e7

ciscoiosMatch15.2\(5\)e2

ciscoiosMatch15.2\(6\)e

ciscoiosMatch15.2\(5\)e2c

ciscoiosMatch15.2\(2\)e8

ciscoiosMatch15.2\(6\)e0a

ciscoiosMatch15.2\(6\)e1

ciscoiosMatch15.2\(6\)e0c

ciscoiosMatch15.2\(2\)e9

ciscoiosMatch15.2\(6\)e1a

ciscoiosMatch15.2\(6\)e1s

ciscoiosMatch15.2\(7\)e

ciscoiosMatch15.2\(2\)e10

ciscoiosMatch15.2\(6\)e2a

ciscoiosMatch15.2\(7\)e0b

ciscoiosMatch15.2\(7\)e0s

ciscoiosMatch15.2\(6\)e3

ciscoiosMatch15.2\(7a\)e0b

ciscoiosMatch15.2\(4\)e10e

ciscoiosMatch15.2\(1\)ey

ciscoiosMatch15.2\(2\)eb

ciscoiosMatch15.2\(2\)eb1

ciscoiosMatch15.2\(2\)eb2

ciscoiosMatch15.2\(6\)eb

ciscoiosMatch15.2\(2\)ea

ciscoiosMatch15.2\(2\)ea2

ciscoiosMatch15.2\(3\)ea

ciscoiosMatch15.2\(4\)ea

ciscoiosMatch15.2\(4\)ea1

ciscoiosMatch15.2\(2\)ea3

ciscoiosMatch15.2\(4\)ea3

ciscoiosMatch15.2\(5\)ea

ciscoiosMatch15.2\(4\)ea4

ciscoiosMatch15.2\(4\)ea2

ciscoiosMatch15.2\(4\)ea5

ciscoiosMatch15.2\(4\)ea6

ciscoiosMatch15.2\(4\)ea7

ciscoiosMatch15.2\(4\)ea8

ciscoiosMatch15.2\(4\)ea9

ciscoiosMatch15.3\(3\)jaa1

ciscoiosMatch15.2\(4\)ec1

ciscoiosMatch15.2\(4\)ec2

ciscocisco_ios_xe_softwareMatch16.9.1

ciscocisco_ios_xe_softwareMatch16.9.1d

ciscocisco_ios_xe_softwareMatch16.10.1

ciscocisco_ios_xe_softwareMatch16.10.1e

ciscocisco_ios_xe_softwareMatch16.11.1

ciscocisco_ios_xe_softwareMatch16.11.1a

ciscocisco_ios_xe_softwareMatch16.11.1b

ciscocisco_ios_xe_softwareMatch16.11.1s

ciscocisco_ios_xe_softwareMatch16.11.1c

ciscocisco_ios_xe_softwareMatch16.12.1s

ciscocisco_ios_xe_softwareMatch16.12.1c

ciscocisco_ios_xe_softwareMatch16.12.2

ciscocisco_ios_xe_softwareMatch16.12.2s

ciscocisco_ios_xe_softwareMatch16.12.2t

ciscocisco_ios_xe_softwareMatch17.1.1

ciscocisco_ios_xe_softwareMatch17.1.1s

ciscocisco_ios_xe_softwareMatch17.1.1t

VendorProductVersionCPE
ciscoios12.2secpe:2.3:o:cisco:ios:12.2se:*:*:*:*:*:*:*
ciscoios12.2ezcpe:2.3:o:cisco:ios:12.2ez:*:*:*:*:*:*:*
ciscoios15.0eycpe:2.3:o:cisco:ios:15.0ey:*:*:*:*:*:*:*
ciscoios15.0secpe:2.3:o:cisco:ios:15.0se:*:*:*:*:*:*:*
ciscoios15.0sgcpe:2.3:o:cisco:ios:15.0sg:*:*:*:*:*:*:*
ciscoios15.0excpe:2.3:o:cisco:ios:15.0ex:*:*:*:*:*:*:*
ciscoios15.0eacpe:2.3:o:cisco:ios:15.0ea:*:*:*:*:*:*:*
ciscoios15.2ecpe:2.3:o:cisco:ios:15.2e:*:*:*:*:*:*:*
ciscoios15.2eycpe:2.3:o:cisco:ios:15.2ey:*:*:*:*:*:*:*
ciscoios15.2ebcpe:2.3:o:cisco:ios:15.2eb:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.2se	cpe:2.3:o:cisco:ios:12.2se:::::::*
cisco	ios	12.2ez	cpe:2.3:o:cisco:ios:12.2ez:::::::*
cisco	ios	15.0ey	cpe:2.3:o:cisco:ios:15.0ey:::::::*
cisco	ios	15.0se	cpe:2.3:o:cisco:ios:15.0se:::::::*
cisco	ios	15.0sg	cpe:2.3:o:cisco:ios:15.0sg:::::::*
cisco	ios	15.0ex	cpe:2.3:o:cisco:ios:15.0ex:::::::*
cisco	ios	15.0ea	cpe:2.3:o:cisco:ios:15.0ea:::::::*
cisco	ios	15.2e	cpe:2.3:o:cisco:ios:15.2e:::::::*
cisco	ios	15.2ey	cpe:2.3:o:cisco:ios:15.2ey:::::::*
cisco	ios	15.2eb	cpe:2.3:o:cisco:ios:15.2eb:::::::*