Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability

Vulnerability

The vulnerability exists in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers. It is caused by improper validation of mDNS packets. An unauthenticated, remote attacker can exploit this by sending a crafted mDNS packet to an affected device. The vulnerability affects devices running vulnerable versions of Cisco IOS XE Software, as detailed in the Cisco advisory [1].

Exploitation

An attacker does not need any prior authentication or local network access; exploitation can occur remotely over the network. The attacker sends a single crafted mDNS packet to the targeted device. No user interaction or special privileges are required [1].

Impact

Successful exploitation causes the affected device to reload, resulting in a denial of service (DoS) condition. This disrupts normal operation of the wireless controller, potentially affecting all connected clients and management functions [1].

Mitigation

Cisco has released free software updates that address this vulnerability. Customers are advised to upgrade to a fixed version of Cisco IOS XE Software as indicated in the security advisory [1]. There are no workarounds mentioned. Customers can also contact the Cisco TAC for assistance [1].