Rewterz Threat Advisory – CVE-2020-3517 – Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

Rewterz Threat Alert – Phishing Campaign Targeting Pakistani Users

August 27, 2020

Rewterz Threat Alert – FASTCash 2.0: North Korea’s BeagleBoyz Targeted Bank-Theft Operations

August 27, 2020

Rewterz Threat Advisory – CVE-2020-3517 – Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

Severity

High

Analysis Summary

The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.

Impact

Denial of Service

Affected Vendors

Cisco

Affected Products

Firepower 4100 Series
Firepower 9300 Security Appliances
MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects

Remediation

Refer to Cisco advisory for the complete list of affected products and their respective patches.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd

Rewterz Threat Alert – Phishing Campaign Targeting Pakistani Users

Rewterz Threat Alert – FASTCash 2.0: North Korea’s BeagleBoyz Targeted Bank-Theft Operations

Rewterz Threat Advisory – CVE-2020-3517 – Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan