CVE-2017-6718

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software versions 6.2.1.BASE through 6.2.1.25i.ROUT Cisco IOS XR Software versions prior to 6.2.11.3i.ROUT Cisco IOS XR Software versions prior to 6.2.1.26i.ROUT Cisco IOS XR Software versions prior to 6.2.1.29i.ROUT

Description The issue exists due to insufficient input validation in the CLI component of the Cisco IOS operating system, as well as incorrect permission settings on binary files. This could allow an authenticated, local attacker to elevate privileges to the root level by sending crafted commands to the affected device, potentially overwriting binaries on the filesystem.

Recommendations For versions 6.2.1.BASE through 6.2.1.25i.ROUT, update to version 6.2.11.3i.ROUT or later. For versions prior to 6.2.1.26i.ROUT, update to version 6.2.1.26i.ROUT or later. For versions prior to 6.2.1.29i.ROUT, update to version 6.2.1.29i.ROUT or later. As a temporary workaround, consider restricting access to the CLI until a patch is available.