CVE-2020-3569: Cisco IOS XR Software DVMRP Memory Exhaustion
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability. Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
- CISA KEV-listed (remediation due 2022-05-03)
- EPSS 4.7% (89.6% percentile)