Cisco IOS XE Software Secure Copy Protocol Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software. This vulnerability allows an authenticated, local attacker with low privileges to cause an affected device to reload unexpectedly, creating a DoS condition. The issue arises from improper handling of malformed SCP requests, which an attacker can exploit by sending crafted commands through SSH.

Impact

Exploitation of this vulnerability leads to an unexpected device reload, causing a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading to the fixed software can be found on the Cisco Support and Downloads page. Customers without a Cisco service contract should contact the Cisco Technical Assistance Center (TAC) for assistance.

Added: Mar 25, 2026, 4:39 PM
Updated: Mar 25, 2026, 4:39 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 2.5
exploitability: 3.5
remediation: 7.9
relevance: 4.7
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.