Cisco on Wednesday announced patches for multiple NX-OS software vulnerabilities as part of its semiannual FXOS and NX-OS security advisory bundled publication.
The most severe of the bugs is CVE-2024-20446, a high-severity flaw in the DHCPv6 relay agent of NX-OS that could be exploited by remote, unauthenticated attackers to cause a denial-of-service (DoS) condition.
Improper handling of specific fields in DHCPv6 messages allows attackers to send crafted packets to any IPv6 address configured on a vulnerable device.
“A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition,” Cisco explains.
According to the tech giant, only Nexus 3000, 7000, and 9000 series switches in standalone NX-OS mode are affected, if they run a vulnerable NX-OS release, if the DHCPv6 relay agent is enabled, and if they have at least one IPv6 address configured.
The NX-OS patches resolve a medium-severity command injection defect in the CLI of the platform, and two medium-risk flaws that could allow authenticated, local attackers to execute code with root privileges or escalate their privileges to network-admin level.
Additionally, the updates resolve three medium-severity sandbox escape issues in the Python interpreter of NX-OS, which could lead to unauthorized access to the underlying operating system.
On Wednesday, Cisco also released fixes for two medium-severity bugs in the Application Policy Infrastructure Controller (APIC). One could allow attackers to modify the behavior of default system policies, while the second – which also affects Cloud Network Controller – could lead to escalation of privileges.
Cisco says it is not aware of any of these vulnerabilities being exploited in the wild. Additional information can be found on the company’s security advisories page and in the August 28 semiannual bundled publication.
Related: Cisco Patches High-Severity Vulnerability Reported by NSA
Related: Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
Related: BIND Updates Resolve High-Severity DoS Vulnerabilities
Related: Johnson Controls Patches Critical Vulnerability in Industrial Refrigeration Products
