CVE-2017-12233

HIGH KEV

Cisco IOS 12.4-15.6 - Unauthenticated Denial of Service via CIP Packet Parsing

Title source: llm

Exploitation Summary

CVE-2017-12233 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 3, 2022.

Description

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/101038

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1039459

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12233

Scores

CVSS v3 7.5

EPSS 0.1128

EPSS Percentile 93.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable yes

Technical Impact partial

Details

CISA KEV 2022-03-03

VulnCheck KEV 2022-03-03

InTheWild.io 2022-03-03

ENISA EUVD EUVD-2017-3806

CWE

CWE-20

Status published

Products (2)

cisco/ios 12.4 - 15.6

n/a/Cisco IOS Cisco IOS

Published Sep 29, 2017

KEV Added Mar 03, 2022

Tracked Since Feb 18, 2026