发布日期：2020-09-24
更新日期：2020-10-10

受影响系统：

Cisco Industrial Ethernet 1000 Series Switches
Cisco 2520 Connected Grid Switches
Cisco Catalyst IE3200 Rugged Switches
Cisco Catalyst IE3300 Rugged Switches
Cisco Catalyst IE3400 Heavy Switches
Cisco Catalyst IE3400 Rugged Switches
Cisco Embedded Services 2020 Series Switches
Cisco Embedded Services 3300 Series Switches
Cisco Industrial Ethernet 2000 Series Switches
Cisco Industrial Ethernet 2000U Series Switches
Cisco Industrial Ethernet 3000 Series Switches
Cisco Industrial Ethernet 3010 Series Switches
Cisco Industrial Ethernet 4000 Series Switches
Cisco Industrial Ethernet 4010 Series Switches
Cisco Industrial Ethernet 5000 Series Switches

描述：

---

CVE(CAN) ID: CVE-2020-3512

Cisco IOS和IOS XE是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。
Cisco IOS Software and Cisco IOS XE Software的链路层发现协议（LLDP）消息的PROFINET处理程序存在拒绝服务漏洞。该漏洞源于PROFINET LLDP消息处理程序未对LLDP消息进行充分验证。未经身份认证的攻击者可通过向受影响设备发送恶意的LLDP消息利用该漏洞造成设备崩溃，从而导致拒绝服务（DoS）。以下启用了PROFINET功能的产品受到影响：2520 Connected Grid Switches、Catalyst IE3200 Rugged Switches、Catalyst IE3300 Rugged Switches、Catalyst IE3400 Heavy Switches、Catalyst IE3400 Rugged Switches、Embedded Services 2020 Series Switches、Embedded Services 3300 Series Switches、Industrial Ethernet 1000 Series Switches、Industrial Ethernet 2000 Series Switches、Industrial Ethernet 2000U Series Switches、Industrial Ethernet 3000 Series Switches、Industrial Ethernet 3010 Series Switches、Industrial Ethernet 4000 Series Switches、Industrial Ethernet 4010 Series Switches、Industrial Ethernet 5000 Series Switches

<*来源：Cisco
  
  链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qY
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-ios-profinet-dos-65qYG3W5）以及相应补丁:
cisco-sa-ios-profinet-dos-65qYG3W5：Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability
链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qY

浏览次数：992
严重程度：0（网友投票）