Remote Code Execution Vulnerability in Cisco IOS SNMP Subsystem
CVE-2017-6740
Key Information:
- Vendor
Cisco
- Status
- Vendor
- CVE Published:
- 17 July 2017
Badges
What is CVE-2017-6740?
The SNMP subsystem in Cisco IOS, spanning versions 12.0 to 15.6 and IOS XE 2.2 through 3.17, presents critical vulnerabilities that allow authenticated, remote attackers to execute code or cause system reloads. Exploitation occurs via specially crafted SNMP packets sent to affected devices over IPv4 or IPv6. The attack requires use of SNMP Versions 1, 2c, or 3. For Versions 2c or earlier, knowledge of the SNMP read-only community string is necessary, while for SNMP Version 3, user credentials are required. Devices with SNMP enabled and without exclusion of the affected MIBs or OIDs need to be considered at risk. It is essential for network administrators to implement the recommended mitigations to protect their systems.
CISA has reported CVE-2017-6740
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-6740 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
IOS 12.2(14)ZA
IOS 12.2(14)ZA3
IOS 12.2(14)ZA2
References
EPSS Score
12% chance of being exploited in the next 30 days.
CVSS V3.1
CVSS V3.0
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved