← Back to CVEs
CVE-2018-0175
HIGHCISA KEV8.0
Description
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
CVE Details
CVSS v3.1 Score8.0
SeverityHIGH
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published3/28/2018
Last Modified1/14/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorCisco
ProductIOS, XR, and XE Software
Vulnerability NameCisco IOS, XR, and XE Software Buffer Overflow Vulnerability
KEV Date Added2022-03-03
Remediation Due Date2022-03-17
Ransomware UseUnknown
Affected Products
cisco:ioscisco:ios_xecisco:ios_xrrockwellautomation:allen-bradley_armorstratix_5700rockwellautomation:allen-bradley_stratix_5400rockwellautomation:allen-bradley_stratix_5410rockwellautomation:allen-bradley_stratix_5700rockwellautomation:allen-bradley_stratix_5900_services_routerrockwellautomation:allen-bradley_stratix_8000rockwellautomation:allen-bradley_stratix_8300_industrial_managed_ethernet_switch
Weaknesses (CWE)
CWE-119CWE-134
References
http://www.securityfocus.com/bid/103564(psirt@cisco.com)
http://www.securitytracker.com/id/1040586(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(psirt@cisco.com)
http://www.securityfocus.com/bid/103564(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1040586(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0175(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.