Cisco has released a security advisory about a vulnerability in Cisco devices. A remote attacker could exploit the vulnerability by sending malformed CMP-specific Telnet options to the affected system.
The complete list of vulnerable systems can be found in the "Affected Products" section of individual Cisco Security Advisory available at:
Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
A successful attack could cause arbitrary code execution, reload or take control of a vulnerable device.
Patches for affected systems are not yet available but mitigation measures are provided by the product vendor. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3881