【資安漏洞預警】Cisco IOS與IOS XE Software存在高風險安全漏洞(CVE-2017-6736至CVE-2017-6744),請儘速確認並進行修補
[Security Vulnerability Alert] Cisco IOS and IOS XE Software have high-risk security vulnerabilities (CVE-2017-6736 to CVE-2017-6744). Please confirm and patch as soon as possible.

發布單位:圖資處數位服務組
日期範圍:2025/8/7 ~ 2026/2/7
 
發布單位:圖資處數位服務組
日期範圍:2025/8/7 ~ 2026/2/7
行政 行政公告
全體

轉發 國家資安資訊分享與分析中心 NISAC-200-202508-00000021

[內容說明]
研究人員發現Cisco IOS與IOS XE Software之SNMP功能存在緩衝區溢位(Buffer Overflow)漏洞(CVE-2017-6736至CVE-2017-6744),允許已取得SNMP Community String之遠端攻擊者利用此漏洞於設備執行任意程式碼。此系列漏洞於2017年揭露,於2022年列進KEV清單,並於近期更新影響產品與緩解措施等資訊,請儘速確認並進行修補。

[影響平台]
所有使用Cisco IOS與IOS XE Software並開啟SNMP功能之所有設備

[建議措施]
1.官方已針對漏洞釋出修復更新,請參考官方說明進行更新,網址如下:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp

可使用Cisco Software Checker(https://sec.cloudapps.cisco.com/security/center/softwarechecker.x )確認現行使用之Cisco IOS與IOS XE Software版本是否受到影響

[參考資料]
1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
2. https://nvd.nist.gov/vuln/detail/cve-2017-6736
3. https://nvd.nist.gov/vuln/detail/cve-2017-6737
4. https://nvd.nist.gov/vuln/detail/cve-2017-6738
5. https://nvd.nist.gov/vuln/detail/cve-2017-6739
6. https://nvd.nist.gov/vuln/detail/cve-2017-6740
7. https://nvd.nist.gov/vuln/detail/cve-2017-6741
8. https://nvd.nist.gov/vuln/detail/cve-2017-6742
9. https://nvd.nist.gov/vuln/detail/cve-2017-6743
10. https://nvd.nist.gov/vuln/detail/cve-2017-6744

Forwarded by the National Information Security Information Sharing and Analysis Center (NISAC-200-202508-00000021)

[Description]
Researchers have discovered buffer overflow vulnerabilities (CVE-2017-6736 to CVE-2017-6744) in the SNMP functionality of Cisco IOS and IOS XE Software. These vulnerabilities allow remote attackers who have obtained the SNMP community string to execute arbitrary code on the device. This series of vulnerabilities was disclosed in 2017 and added to the KEV list in 2022. Information on affected products and mitigation measures has recently been updated. Please verify and patch them as soon as possible.

[Affected Platforms]
All devices using Cisco IOS and IOS XE Software with SNMP enabled

[Recommended Actions]
1. An official update has been released to fix the vulnerability. Please refer to the official instructions for updating:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp

You can use the Cisco Software Checker (https://sec.cloudapps.cisco.com/security/center/softwarechecker.x) to determine if your current Cisco IOS and IOS XE Software versions are affected.

[References]
1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
2. https://nvd.nist.gov/vuln/detail/cve-2017-6736
3. https://nvd.nist.gov/vuln/detail/cve-2017-6737
4. https://nvd.nist.gov/vuln/detail/cve-2017-6738
5. https://nvd.nist.gov/vuln/detail/cve-2017-6739
6. https://nvd.nist.gov/vuln/detail/cve-2017-6740
7. https://nvd.nist.gov/vuln/detail/cve-2017-6741
8. https://nvd.nist.gov/vuln/detail/cve-2017-6742
9. https://nvd.nist.gov/vuln/detail/cve-2017-6743
10. https://nvd.nist.gov/vuln/detail/cve-2017-6744


相關附件
【返回上頁】
Top↑