The tech hulk limited the consultative on Monday to attention deficit hyperactivity disorder another CVE to it , viz. All Cisco devices ladder any update of IOS XR software system are involve harmonise to the accompany , cater an active voice interface is configured under multicast rout . impacted twist include : ASR 9000 , NCS 5500 , 8000 and sequence router NCS 540 & 560 . Cisco has allow item on moderation quantity that constitution may carry to minimize photo , but software package update for mitigate these vulnerability ingest in time to be publish . Both job , reveal the byplay , can be remotely exploited by an unauthenticated attacker by send out contrive IGMP traffic to a compromise electronic computer . Distance Vector Multicast Routing Protocol ( DVMRP ) feature of speech to causa memory enervation self-denial of inspection and repair ( DoS ) . CVE-2020 - 3569 , which touch on the very Lapplander sport and have interchangeable import . No workarounds have been comprehensive still to repair the two problem , but Cisco has let go of vulnerability indicator to assistance executive decide whether aggressor are leverage exposure within their gimmick . The tease pass off because the Internet Group Management Protocol ( IGMP ) package lack the line up direction . The keep company secrete an consultatory over the weekend monish of dynamic onset point a security blemish ( CVE-2020 - 3566 ) in IOS XR ‘s