Advisory Published

cisco-sa-iosxr-bgp-dos-O7stePhX: Cisco IOS XR Software Border Gateway Protocol Confederation Denial of Service Vulnerability

First published: Wed Mar 12 2025(Updated: )

A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.This vulnerability is due to a memory corruption that occurs when a BGP update is created with an AS_CONFED_SEQUENCE attribute that has 255 autonomous system numbers (AS numbers). An attacker could exploit this vulnerability by sending a crafted BGP update message, or the network could be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more. A successful exploit could allow the attacker to cause memory corruption, which may cause the BGP process to restart, resulting in a DoS condition. To exploit this vulnerability, an attacker must control a BGP confederation speaker within the same autonomous system as the victim, or the network must be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhXThis advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.

Affected SoftwareAffected VersionHow to fix
Cisco IOS XRv 9000

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of cisco-sa-iosxr-bgp-dos-O7stePhX?

    The severity of cisco-sa-iosxr-bgp-dos-O7stePhX is critical due to its potential to cause a denial of service condition.

  • What causes the cisco-sa-iosxr-bgp-dos-O7stePhX vulnerability?

    The cisco-sa-iosxr-bgp-dos-O7stePhX vulnerability is caused by a memory corruption in the BGP confederation implementation in Cisco IOS XR Software.

  • Who is affected by cisco-sa-iosxr-bgp-dos-O7stePhX?

    The cisco-sa-iosxr-bgp-dos-O7stePhX vulnerability affects devices running Cisco IOS XR Software.

  • How do I fix cisco-sa-iosxr-bgp-dos-O7stePhX?

    To fix cisco-sa-iosxr-bgp-dos-O7stePhX, upgrade to the latest version of Cisco IOS XR Software that addresses this vulnerability.

  • Can cisco-sa-iosxr-bgp-dos-O7stePhX be exploited remotely?

    Yes, cisco-sa-iosxr-bgp-dos-O7stePhX can be exploited by unauthenticated remote attackers.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203