VYPR
← All advisories
High severity7.5NVD Advisory· Published May 14, 2016· Updated May 6, 2026

CVE-2016-1399

CVE-2016-1399

Description

Crafted ICMP IPv4 packets cause packet corruption in Cisco IOS on Industrial Ethernet 4000/5000 switches, leading to denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Crafted ICMP IPv4 packets cause packet corruption in Cisco IOS on Industrial Ethernet 4000/5000 switches, leading to denial of service.

Vulnerability

The vulnerability resides in the packet-processing microcode of Cisco IOS Software on Industrial Ethernet 4000 Series Switches (versions 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA) and Industrial Ethernet 5000 Series Switches (versions 15.2(2)EB and 15.2(2)EB1). It also affects Rockwell Automation Allen-Bradley Stratix 5400 and 5410 switches that run the same firmware [1][2]. The bug is triggered by improper processing of certain ICMP IPv4 packets.

Exploitation

An unauthenticated, remote attacker can exploit this vulnerability by sending specially crafted ICMP IPv4 packets to an affected device. No user interaction or special network position is required. The malicious packet corrupts the packet enqueued immediately after it in the device's processing queue [2].

Impact

Successful exploitation causes packet data corruption, which can disrupt control traffic (e.g., ARP) or traffic transiting the device. This leads to a denial-of-service condition that may affect industrial control system operations [1][2].

Mitigation

Cisco has released software updates that address this vulnerability; affected users should upgrade to a fixed Cisco IOS release [2]. Rockwell Automation has also produced new firmware for the Stratix 5400 and 5410 switches [1]. No workarounds are available. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

References
  1. Rockwell Automation Allen-Bradley Stratix 5400 and 5410 Packet Corruption Vulnerability | CISA
  2. Cisco Security Advisory: Cisco Industrial Ethernet 4000 and Ethernet 5000 Series Switches ICMP IPv4 Packet Corruption Vulnerability

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Cisco Systems, Inc./Cisco iOS7 versions
    cpe:2.3:a:cisco:ios:15.2\(2\)ea2:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:cisco:ios:15.2\(2\)ea2:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:ios:15.2\(4\)ea:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:ios:15.2\(2\)ea:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:ios:15.2\(2\)ea1:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:ios:15.2\(2\)eb:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:ios:15.2\(2\)eb1:*:*:*:*:*:*:*
    • (no CPE)range: 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, 15.2(4)EA on Industrial Ethernet 4000 and 15.2(2)EB, 15.2(2)EB1 on Industrial Ethernet 5000

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.