Published on: 07 July 2017
Cisco has released a security advisory to address the vulnerabilities of Simple Network Management Protocol (SNMP) in Cisco IOS and IOS XE software. A remote authenticated attacker could exploit the vulnerabilities by sending specially crafted SNMP packets to the affected device.
A successful attack could lead to arbitrary code execution.
Patches for affected systems have not yet been available, but mitigation measures are provided by the product vendor. Users of affected systems should restrict SNMP access on an affected system using ACLs:
http://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/20370-snmpsecurity-20370.html
In addition, administrators should apply the necessary workarounds mentioned in the advisory to disable the related MIBs on the affected devices to mitigate the risk, if such MIBs are not necessary. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.
System administrators should contact their product support vendors for the fixes and assistance.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
http://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/20370-snmpsecurity-20370.html
https://www.us-cert.gov/ncas/current-activity/2017/06/30/Cisco-Releases-Security-Updates
https://www.hkcert.org/my_url/en/alert/17063001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6736 (to CVE-2017-6744)