CVE-2017-3853

Name of the Vulnerable Software and Affected Versions Cisco IOx versions 1.0.0.0 through 1.1.0.0 Cisco 800 Series Industrial Integrated Services Routers, including Cisco IR809 and Cisco IR829 versions (affected versions not specified)

Description A vulnerability in the Data-in-Motion (DMo) process could allow an unauthenticated, remote attacker to cause a stack overflow, potentially leading to remote code execution with root privileges in the virtual instance. The issue is due to insufficient bounds checking in the DMo process. An attacker could exploit this by sending crafted packets for evaluation. The impact of a successful exploit is limited to the virtual instance and does not affect the hosting router.

Recommendations For Cisco IOx versions 1.0.0.0 and 1.1.0.0, consider disabling the DMo process as a temporary workaround until a patch is available. Restrict access to the virtual instance to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.