Condorlab

Cisco – Vulnerability in library of Cisco IOS and IOS XE Software


Advisory IDRSN-SIP-1640

Vulnerability Information

A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on an internal data structure. An attacker could exploit this vulnerability by sending a sequence of malicious SIP messages to an affected device. An exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the iosd process. This triggers a reload of the device.

Technical Information

A remote attacker could send a sequence of malicious SIP messages to an affected device to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. An exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the iosd process.

Solutions

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VOIP networks, endpoints and applications. His research team Condor-Labs.com is constantly looking for new attack patterns, advanced penetration testing methods, vulnerability identification and deployment of new signatures for constantly subscribed clients. For more information visit www.redshiftnetworks.com

External Resources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos

Common Vulnerabilities and Exposures (CVE)

https://www.cvedetails.com/cve/CVE-2019-12654/