Cyber Resilience

CVE-2018-0172

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 28 March 2018

Modified: 14 January 2026
KEV Added: 03 March 2022
Patch
CVSS Score v3.1: 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
EPSS Score: 0.0619 (91.1th percentile)
Risk Priority: 41 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2018-0172 is a high-severity Improper Input Validation (CWE-20) vulnerability in Cisco IOS. Its CVSS base score is 8.6 (High).

Operationally, it ranks in the top 8.9% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated remote attacker to trigger a heap overflow condition. The flaw stems from incomplete input validation of option 82 data received in DHCPv4 packets from relay agents, as tracked under Cisco Bug ID CSCvg62730 and assigned CWE-20 and CWE-787. Successful exploitation results in a device reload and denial of service.

An attacker can exploit the issue by sending a crafted DHCPv4 packet to an affected device over the network. No authentication or user interaction is required, and the attack can be launched remotely with low complexity. The resulting CVSS 3.1 base score of 8.6 reflects a high availability impact with changed scope (S:C) and no confidentiality or integrity impact.

Cisco has published Security Advisory cisco-sa-20180328-dhcpr1 along with related ICS-CERT advisories ICSA-18-107-04 and ICSA-18-107-05 that address the issue; practitioners should consult these documents for mitigation steps and software updates.

EU & UK References

Vulnerability details

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730.

CWE(s)
KEV Date Added: 03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco ios: all versions
cisco ios xe: all versions

Mitigating Controls (NIST 800-53 r5)

prevent: Directly enforces validation of DHCPv4 option 82 data before processing, eliminating the incomplete input validation root cause (CWE-20) that triggers the heap overflow.

prevent: Requires timely application of vendor patches that correct the DHCP option 82 handling flaw (CSCvg62730) before an attacker can send a crafted packet.

prevent: Limits the effects of the resulting denial-of-service condition by protecting availability when a heap overflow reload is triggered by the malformed DHCP packet.

References