Cisco Nexus Switches Vulnerability Lets Attackers Trigger DoS Condition

Cisco has released a security advisory addressing a vulnerability in its Nexus 3000 and 9000 Series Switches that could allow attackers to trigger a denial-of-service (DoS) condition.
The vulnerability, found in the health monitoring diagnostics of the switches, could lead to unexpected device reloads.
The vulnerability originates from the incorrect handling of specific Ethernet frames. An unauthenticated, adjacent attacker could exploit this flaw by sending a sustained rate of crafted Ethernet frames to an affected device.
Successful exploitation could cause the device to reload, disrupting network operations.
Affected Products
The vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software, regardless of device configuration:
- Nexus 3100 Series Switches
- Nexus 3200 Series Switches
- Nexus 3400 Series Switches
- Nexus 3600 Series Switches
- Nexus 9200 Series Switches in standalone NX-OS mode
- Nexus 9300 Series Switches in standalone NX-OS mode
- Nexus 9400 Series Switches in standalone NX-OS mode
Cisco has confirmed that the vulnerability does not affect other Cisco products, including the Firepower and MDS series and certain Nexus switches.
Cisco’s Security Indicators of Compromise Reference Guide details how to identify devices potentially impacted by this vulnerability.
A successful exploit may result in consecutive failures of the L2ACLRedirect health monitoring diagnostic test or the RewriteEngineLoopback test on Nexus 3100 and 3200 Series Switches.
Syslog messages such as “L2ACLREDIRECT_LOOPBACK_TEST_FAIL” or “REWRITE_ENGINE_LOOPBACK_TEST_FAIL”, followed by a device reboot with the reason code “Kernel Panic”, indicate a potential compromise. These diagnostic test failures can also occur for reasons unrelated to this vulnerability.
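The correlation described above, as an added example (not Cisco's code or tooling): it flags hosts where repeated diagnostic test failures are followed by a Kernel Panic reload, and separately lists hosts with failures only. The line layout, the 30-minute window, the two-failure threshold and the host names are assumptions; only the three matched strings come from the article.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# The three matched strings come from the article; the line layout is assumed.
DIAG_FAIL = ("L2ACLREDIRECT_LOOPBACK_TEST_FAIL", "REWRITE_ENGINE_LOOPBACK_TEST_FAIL")
RELOAD_REASON = "Kernel Panic"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(.*)$")  # assumed: "<ISO time> <host> <message>"

def triage(lines, window=timedelta(minutes=30), min_failures=2):
    """Return {host: verdict} for chronologically ordered lines.
    'investigate': repeated diagnostic failures, then a Kernel Panic reload in `window`.
    'review': repeated failures only, which can have causes unrelated to this flaw."""
    failures = defaultdict(list)  # host -> recent diagnostic failure timestamps
    verdicts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # does not fit the assumed layout
        try:
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue  # first field is not a timestamp
        host, msg = m.group(2), m.group(3)
        if any(tag in msg for tag in DIAG_FAIL):
            failures[host] = [t for t in failures[host] if ts - t <= window] + [ts]
            if len(failures[host]) >= min_failures:
                verdicts.setdefault(host, "review")
        elif RELOAD_REASON in msg:
            recent = [t for t in failures[host] if timedelta(0) <= ts - t <= window]
            if len(recent) >= min_failures:
                verdicts[host] = "investigate"
            failures[host].clear()  # a reload starts a new observation period
    return verdicts

# Constructed sample lines (not real device output).
SAMPLE = [
    "2025-01-10T09:00:05 sw-a diag L2ACLREDIRECT_LOOPBACK_TEST_FAIL",
    "2025-01-10T09:01:00 sw-b diag REWRITE_ENGINE_LOOPBACK_TEST_FAIL",
    "2025-01-10T09:05:05 sw-a diag L2ACLREDIRECT_LOOPBACK_TEST_FAIL",
    "2025-01-10T09:06:00 sw-b diag REWRITE_ENGINE_LOOPBACK_TEST_FAIL",
    "2025-01-10T09:07:30 sw-a boot last reset reason: Kernel Panic",
    "2025-01-10T09:10:00 sw-c boot last reset reason: Kernel Panic",
    "2025-01-10T09:11:00 sw-d link interface up",
]

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE).items()):
        print(host, verdict)
```

A "review" verdict is a prompt to check the device, not evidence of exploitation, since the diagnostic tests can fail for unrelated reasons.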
Mitigations
Cisco has released software updates to address this vulnerability. Customers with service contracts should obtain these fixes through their usual update channels.
Cisco advises customers to consult the security advisories for Cisco products to determine exposure and identify a complete upgrade solution.
Cisco provides the Cisco Software Checker tool to help customers determine their exposure to vulnerabilities in Cisco NX-OS Software. This tool identifies Cisco security advisories that impact a specific software release and the earliest release that fixes the described vulnerabilities.
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability, which was found during internal security testing.
The post Cisco Nexus Switches Vulnerability Lets Attackers Trigger DoS Condition appeared first on Cyber Security News.