TL;DR 📌

A medium-severity vulnerability has been identified in the CLI of Cisco IOS and IOS XE Software, allowing an authenticated local attacker to cause a denial of service (DoS) by exploiting a buffer overflow. No workarounds are available, and Cisco recommends upgrading to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the CLI of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This issue arises from a buffer overflow that can be exploited using crafted commands at the CLI prompt. While proof-of-concept exploit code is available, there have been no reports of malicious exploitation.