Denial of Service Vulnerability in Cisco IOS XE for ASR 1000 Series Routers

CVE-2013-5545

Summary

The PPTP ALG implementation in Cisco IOS XE 3.9 prior to version 3.9.2S on ASR 1000 Series devices may permit a remote attacker to disrupt device operation. By sending a flood of PPTP packets through NAT, an attacker can trigger a reboot of the affected devices, rendering them temporarily unavailable and creating potential interruptions in network services. It is essential for organizations using these devices to apply the necessary updates to mitigate this vulnerability.

References