CVE-2015-0731

Name of the Vulnerable Software and Affected Versions Cisco IOS version 15.3S

Description The issue is related to the improper processing of malformed ISDN Q931 SETUP messages in the ISDN implementation, which can cause a denial of service (device reload). An unauthenticated, adjacent attacker can exploit this by sending malformed Q931 SETUP messages to the targeted device, resulting in a reload and a denial of service (DoS) condition. The attacker must be on the same broadcast or collision domain as the targeted device to exploit this issue.

Recommendations For Cisco IOS version 15.3S, update to a newer version that includes the software updates provided by Cisco to resolve the issue. As a temporary workaround, consider restricting access to the ISDN processing code to minimize the risk of exploitation.