CVE-2017-12232

CVE-2017-12232

Vendor N/A
Product Cisco IOS
Weakness CWE-399
KEV Status Known Exploited
Published September 28, 2017
Last update January 12, 2026

CVSS base score

What the vulnerability does

01Description

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.

CISA mandated remediation

02CISA Required Action

Apply updates per vendor instructions.

Key dates

03Disclosure timeline

September 28, 2017 CVE published
January 12, 2026 Record updated