CVE-2020-3566 — Actively Exploited: IOS XR (Cisco)
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
| CVE ID | CVE-2020-3566 |
|---|---|
| Vendor | Cisco |
| Product | IOS XR |
| Vulnerability name | Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability |
| Date added | 2021-11-03 |
| Remediation due | 2022-05-03 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →