CVE-2023-20187

Summary

CVE-2023-20187 is a denial-of-service vulnerability impacting the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software on Cisco ASR 1000 Series Aggregation Services Routers. An unauthenticated, remote attacker can exploit this issue by sending a maliciously crafted IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet to the affected device. The vulnerability arises due to incorrect packet handling when multicast packets are fanned out more than seven times, potentially resulting in a device reload and subsequent denial of service (DoS) condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.