Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Cisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and take the following actions.

Implement the recommended mitigations.
Search for indicators of compromise.
Apply the necessary update, when available.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Please share your thoughts

CISA Releases Three Industrial Control Systems Advisories

CISA and Partners Release Advisory on Akira Ransomware

Oracle Releases Critical Patch Update Advisory for April 2024

CISA Releases Four Industrial Control Systems Advisories

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Please share your thoughts

Related Advisories

CISA Releases Three Industrial Control Systems Advisories

CISA and Partners Release Advisory on Akira Ransomware

Oracle Releases Critical Patch Update Advisory for April 2024

CISA Releases Four Industrial Control Systems Advisories