Cisco has issued a security notification warning users that the IOS 15.1(2)T software release contains a vulnerability that allows denial-of-service (DoS) attacks.
The vulnerability affects all routers and gateways running the software. It can be triggered during the TCP establishment phase, causing connections to remain in the SYNRCVD or SYNSENT state.
According to the notification, attackers could exploit the vulnerability simply by using spoofed packets, as no authentication is required. Normal network traffic could also trigger the condition if it terminates at or originates from the affected device. Transit traffic, however, will not trigger the vulnerability.
The networking giant has released a software fix, IOS 15.1(2)T0a, to address the issue. Cisco also recommends mitigating the vulnerability through anti-spoofing measures at the network edge.
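To check a device for the symptom described above, the following added example (not from Cisco's notification) compares two snapshots of the device's TCP connection table and reports connections that stay in SYNRCVD or SYNSENT across both. It assumes the four-column layout of `show tcp brief all` output and that a normal handshake finishes well within the interval between snapshots; the function names and both snapshots are constructed for illustration.

```python
import re

# TCP states the notification says affected connections remain in.
STUCK_STATES = {"SYNRCVD", "SYNSENT"}

# One connection row: TCB address, local addr.port, foreign addr.port, state.
# The column header line does not match because "TCB" is not a hex address.
ROW = re.compile(
    r"^(?P<tcb>[0-9A-Fa-f]{8,16})\s+(?P<local>\S+)\s+(?P<foreign>\S+)\s+(?P<state>[A-Z0-9]+)$"
)

def parse_tcbs(text):
    """Return {tcb: (local, foreign, state)} for every connection row."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            table[m["tcb"].upper()] = (m["local"], m["foreign"], m["state"])
    return table

def stuck_connections(earlier, later):
    """Rows half-open in both snapshots with the same TCB and endpoints."""
    before, after = parse_tcbs(earlier), parse_tcbs(later)
    return sorted(
        (tcb,) + row
        for tcb, row in after.items()
        if row[2] in STUCK_STATES and before.get(tcb) == row
    )

# Constructed sample snapshots (documentation address ranges), taken minutes apart.
SNAPSHOT_T0 = """
TCB       Local Address           Foreign Address        (state)
07C2D6C8  192.0.2.1.23            198.51.100.7.40211     SYNRCVD
07C2DC88  192.0.2.1.23            198.51.100.9.51034     SYNRCVD
07C38128  192.0.2.1.22            203.0.113.5.60122      ESTAB
07C2E248  192.0.2.1.49152         203.0.113.20.179       SYNSENT
"""
SNAPSHOT_T1 = """
TCB       Local Address           Foreign Address        (state)
07C2D6C8  192.0.2.1.23            198.51.100.7.40211     SYNRCVD
07C2DC88  192.0.2.1.23            198.51.100.9.51034     ESTAB
07C38128  192.0.2.1.22            203.0.113.5.60122      ESTAB
07C2E248  192.0.2.1.49152         203.0.113.20.179       SYNSENT
07C2F000  192.0.2.1.23            198.51.100.44.33000    SYNRCVD
"""

if __name__ == "__main__":
    for tcb, local, foreign, state in stuck_connections(SNAPSHOT_T0, SNAPSHOT_T1):
        print(f"{tcb} {local} <-> {foreign} still {state}")
```

A connection that completed its handshake between snapshots, or that appears only in the later one, is not reported, which keeps ordinary in-progress handshakes out of the result.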