Cyber Resilience

CVE-2018-0167

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 28 March 2018

Modified: 14 January 2026
KEV Added: 03 March 2022
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0121 (79.4th percentile)
Risk Priority: 38 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2018-0167 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Cisco IOS. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 20.6% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

Multiple buffer overflow vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software, tracked under Cisco Bug IDs CSCuo17183 and CSCvd73487 and assigned CWE-119. These flaws affect devices running the specified Cisco operating systems and carry a CVSS 3.1 base score of 8.8.

An unauthenticated adjacent attacker can exploit the issues over the local network without credentials or user interaction to trigger a denial-of-service condition or to execute arbitrary code with elevated privileges on the affected device.

ICS-CERT has published multiple advisories (ICSA-18-107-03, ICSA-18-107-04, and ICSA-18-107-05) along with related notices on SecurityFocus and SecurityTracker that address the vulnerabilities.

EU & UK References

Vulnerability details

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.

CWE(s)
KEV Date Added: 03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco ios
5.2.0.base · ≤ 15.6.3m1 · ≤ 15.2(6)e0a · ≤ 15.2(4a)ea5
cisco ios xe
5.2.0.base · ≤ 15.6.3m1 · ≤ 15.2(6)e0a · ≤ 15.2(4a)ea5
cisco ios xr
4.1 — 5.1.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Directly requires validation of all inputs (including LLDP packets) to reject malformed data that triggers the buffer overflows.

Prevent: Enforces memory-protection mechanisms that block exploitation of the CWE-119 buffer overflows even if malformed LLDP frames are received.

Prevent: Requires disabling or restricting unnecessary protocols such as LLDP when not explicitly needed, eliminating the attack surface on affected Cisco devices.

References