A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | 15.2(4)e (including) | 15.2(4)e (including) |
| Ios | Cisco | 15.2(5) (including) | 15.2(5) (including) |
References
- http://www.securityfocus.com/bid/105427
- http://www.securitytracker.com/id/1041737
- https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp
- http://www.securityfocus.com/bid/105427
- http://www.securitytracker.com/id/1041737
- https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp