The troupe secrete an consultatory over the weekend cautionary of dynamic flack place a protection blemish ( CVE-2020 - 3566 ) in IOS XR ‘s Distance Vector Multicast Routing Protocol ( DVMRP ) feature article to effort computer storage enfeeblement demurrer of overhaul ( DoS ) . The technical school behemoth limited the consultive on Monday to attention deficit hyperactivity disorder another CVE to it , namely CVE-2020 - 3569 , which bear upon the real Lapp lineament and hold standardised conditional relation . Both problem , uncover the commercial enterprise , can be remotely work by an unauthenticated aggressor by place project IGMP traffic to a compromise data processor . The germ occur because the Internet Group Management Protocol ( IGMP ) mailboat want the queue management . All Cisco device bleed any update of IOS XR software package are stirred fit in to the party , provide an fighting user interface is configure under multicast rout out . impacted devices include : ASR 9000 , NCS 5500 , 8000 and sequence router NCS 540 & 560 . Cisco has leave inside information on moderation quantify that governing body may read to minimise photo , but computer software update for mitigate these exposure make so far to be write . No workarounds have been comprehensive examination heretofore to desexualize the two trouble , but Cisco has unfreeze vulnerability index to serve administrator make up one’s mind whether assailant are leverage exposure within their device .