CVE-2017-12235 — Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability
2022-03-03 • CISA Known Exploited Vulnerability
[event] A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Cisco |
| Product | IOS software |
| CWE | CWE-20 |
| CVE ID | CVE-2017-12235 |
| Date Added | 2022-03-03 |
| Due Date | 2022-03-24 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-03-24