High-Severity Vulnerability in Cisco IOS XR Software

Published on 13 Mar 2023

Cisco has released security updates to address a high-severity vulnerability (CVE-2023-20049) in its IOS XR Software for ASR 9000 Series Routers.

The vulnerability is due to the incorrect handling of malformed Bidirectional Forwarding Detection (BFD) packets that are received on line cards where the BFD hardware offload feature is enabled. Successful exploitation of the vulnerability could allow a remote, unauthenticated attacker to reset a line card, resulting in that line card losing traffic while it reloads, potentially leading to a denial of service (DoS) condition.

The following Cisco products are affected:
• ASR 9000 Series Aggregation Services Routers, only if they have a Lightspeed or Lightspeed-Plus-based line card installed
• ASR 9902 Compact High-Performance Routers
• ASR 9903 Compact High-Performance Routers

Users and administrators of the affected products are advised to upgrade their Cisco IOS XR Software to the latest versions immediately.

More information is available here: