Cisco warns of actively exploited IOS XR zero-days Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate.

Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely gain access to Redis instances running in NOSi Docker containers.

Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message.

Cisco announced further disaggregation of its IOS XR platform targeted at service providers, though some support is limited.

The said requirements strike off some widely used Cisco products from the vulnerable products list, including IOS Software, IOS XR Software, Meraki products, NX-OS Software, and WLC AireOS Software.

The vulnerability affects networking devices running Cisco’s IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets.

The introduction in May of IOS-XR, the software powering Cisco's CRS-1 terabit router, signals a new direction for IOS, as the software will take on a more modular architecture, with the promise ...