CVE-2017-6737

high-risk

Published 2017-07-17

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.  The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3). The attacker must know the SNMP read only community string (SNMP version 2c or earlier) or the user credentials (SNMPv3). An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability.

Do I need to act?

34.2% chance of exploitation in next 30 days

EPSS score — higher than 66% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (2)

Ios Xe

Ios

Affected Vendors

Cisco

References (5)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...

Broken Link http://www.securityfocus.com/bid/99345

Broken Link http://www.securitytracker.com/id/1038808

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-...

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 23/34 · High

Exposure 7/34 · Low