CVE-2018-0170

Vulnerability

A use-after-free vulnerability exists in the Cisco Umbrella Integration feature of Cisco IOS XE Software ([1]). The bug is triggered when the device processes a malformed incoming IP packet, leading to access of an internal data structure after it has been freed ([1]). Affected versions include Cisco IOS XE software releases that integrate Cisco Umbrella (OpenDNS) functionality. The specific vulnerable code path is reachable without authentication from the network.

Exploitation

An unauthenticated, remote attacker can exploit this vulnerability by sending a crafted, malformed IP packet to an affected device over the network ([1]). No prior authentication or special network position is required beyond the ability to deliver a single malicious packet to the targeted device.

Impact

Successful exploitation causes the affected device to reload, resulting in a denial of service (DoS) condition ([1]). The attack impacts availability, but does not by itself allow an attacker to gain code execution or compromise data confidentiality or integrity beyond the device's temporary outage.

Mitigation

Cisco has released free software updates addressing this vulnerability as of the 2018-03-28 advisory date ([1]). Customers should upgrade to the fixed Cisco IOS XE software releases specified in the Cisco Security Advisory. No workarounds are documented in the available references; the recommended mitigation is installing the updated software version.