CVE-2024-20464
CVSS 3.1 Score 8.6 of 10 (high)
Details
Summary
CVE-2024-20464 is a vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software that allows an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The issue arises from insufficient validation of received IPv4 PIMv2 packets: an attacker can exploit it by sending a crafted packet to a PIM-enabled interface. The affected Cisco products include various models such as y9qcn1, y8n9j6, and others. To mitigate this vulnerability, organizations are advised to update their Cisco IOS XE Software to the latest version that addresses this security flaw. A successful exploit could cause the device to reload, resulting in significant downtime for network operations; the CVSS 3.1 score of 8.6 reflects this high availability impact.