CVE-2017-12239

Name of the Vulnerable Software and Affected Versions Cisco ASR 1000 Series Aggregation Services Routers versions 3.16 through 16.5 Cisco cBR-8 Converged Broadband Routers versions 3.16 through 16.5

Description A vulnerability in the motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's operating system. The vulnerability exists because an engineering console port is available on the motherboard of the affected line cards. An attacker could exploit this vulnerability by physically connecting to the console port on the line card. A successful exploit could allow the attacker to gain full access to the affected device's operating system.

Recommendations For Cisco ASR 1000 Series Aggregation Services Routers versions 3.16 through 16.5, update to a fixed software release. For Cisco cBR-8 Converged Broadband Routers versions 3.16 through 16.5, update to a fixed software release. As a temporary workaround, consider restricting physical access to the console port on the line card to minimize the risk of exploitation.