CVE-2024-20433
CVSS 3.1 Score 8.6 of 10 (high)
Details
Summary
CVE-2024-20433 is a high-severity vulnerability affecting Cisco IOS Software and Cisco IOS XE Software, caused by a buffer overflow in the Resource Reservation Protocol (RSVP) feature. An unauthenticated remote attacker can exploit this vulnerability by sending crafted RSVP packets, potentially causing the device to reload unexpectedly and resulting in a denial of service (DoS) condition. The exploitability score is 3.9 and the overall CVSS base score is 8.6, indicating a high impact on availability. To remediate this vulnerability, organizations should apply the patches provided by Cisco as outlined in its security advisory. Failure to address this issue could leave systems vulnerable to significant disruptions in service and operational capabilities.