CVE-2017-12233
HIGH KEVCisco IOS <15.6 - DoS
Title source: llmDescription
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.
References (4)
Scores
CVSS v3
7.5
EPSS
0.1128
EPSS Percentile
93.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CISA KEV
2022-03-03
VulnCheck KEV
2022-03-03
InTheWild.io
2022-03-03
ENISA EUVD
EUVD-2017-3806
CWE
CWE-20
Status
published
Products (2)
cisco/ios
12.4 - 15.6
n/a/Cisco IOS
Cisco IOS
Published
Sep 29, 2017
KEV Added
Mar 03, 2022
Tracked Since
Feb 18, 2026