Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Cisco - Issue with Clock Signal Component - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco - Issue with Clock Signal Component

One of our readers, Dalibor Cerar, sent us an email about an issue impacting Cisco...at this point.  While its a hardware issue, the result if it occurs is a self inflicted Denial of Service.  Cisco released a notice on February 2 that some of its products had an issue with the Clock Signal component manufactured by a supplier.  This was discovered late in November 2016.  According to Cisco:

"Although the Cisco products with this component are currently performing normally, we expect product failures to increase over the years, beginning after the unit has been in operation for approximately 18 months. Once the component has failed, the system will stop functioning, will not boot, and is not recoverable."

Keep in mind, Cisco says the component is used by other companies so I would expect to see this list grow to other vendors.

Here is the current list of the known Cisco/Meraki products and the link to their Field Notice:


Optical Networking:
FN-64230 :  NCS1K-CNTLR  

Routing:
FN-64231 : NCS5500 Line Cards  
FN-64252 : IR809/IR829 Industrial Integrated Services Routers
FN-64253 : ISR4331, ISR4321, ISR4351 and UCS-E120

Security:
FN-64228 : ASA 5506, ASA 5506W, ASA 5506H, ASA 5508, and ASA 5516 
FN-64250 : Cisco ISA3000 Industrial Security Appliance
Meraki Notification - MX 84 

Switches:
FN-64251 - Nexus 9000 Series N9K-C9504-FM-E/N9K-C9508-FM-E/N9K-X9732C-EX 
Meraki Notification - MS350 Series 

 

 

Lorna

150 Posts
ISC Handler
Just thought I would add some comments from a case I opened with Cisco. Hopefully this is helpful to others using these routers. The routers ISR4331 that are affected with the faulty parts have a serial number lower than " xxx2049xxxx "
Anonymous

Posts
I have an 4431 s/n xxx-21xx-xxxx, mfg date 27/Jan/2017 that is vulnerable.
Anonymous

Posts
This sounds like the recently announced Intel Avoton/Rangley chipset bug.
Anonymous

Posts
You are correct.
Atom C2000 series bug, Errata AVR54
Found here: ssl.intel.com/content/dam/www/public/us/en/documents/specification-updates/…
Rob VandenBrink

435 Posts Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!