Executive Risk Summary
"A vulnerability in the UDP processing code of Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by sending UDP packets with a destination port of 0 to an affected device. This vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them."
Anticipated Attack Path
1. Attacker sends UDP packets with a destination port of 0 to the affected device
2. The UDP packets are held in the input interface queue
3. The input interface queue becomes wedged, causing a DoS condition
Am I Vulnerable?
- Verify whether the running Cisco IOS release is in the 15.1, 15.2, or 15.4 train, or the IOS XE release is 3.14 through 3.18
- Check for idle UDP sockets left open by IOS software applications
- Monitor the input interface queue for signs of wedging (a queue that fills and does not drain)
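As an added triage helper (not from this page or from Cisco), the script below checks a `show version` banner against the trains listed above and scans `show interfaces` output for the wedge symptom, an input queue whose size has reached its maximum. The sample device output is constructed; the affected-train table is only this page's summary, so confirm exact fixed releases against the vendor advisory.

```python
import re

# Affected trains as this page summarises them (IOS 15.1, 15.2, 15.4; IOS XE 3.14 through 3.18).
# Assumption: the Cisco advisory carries the exact fixed releases, so use this as a first-pass filter.
AFFECTED_IOS_TRAINS = {(15, 1), (15, 2), (15, 4)}
AFFECTED_IOSXE_RANGE = ((3, 14), (3, 18))

IOSXE_RE = re.compile(r"IOS XE Software, Version (\d+)\.(\d+)")
IOS_RE = re.compile(r"IOS Software,.*?Version (\d+)\.(\d+)")
QUEUE_RE = re.compile(r"Input queue: (\d+)/(\d+)/(\d+)/(\d+)")


def version_in_scope(show_version: str) -> bool:
    """True when the 'show version' banner names a train this page lists as affected."""
    m = IOSXE_RE.search(show_version)          # IOS XE banners are checked first
    if m:
        train = (int(m.group(1)), int(m.group(2)))
        return AFFECTED_IOSXE_RANGE[0] <= train <= AFFECTED_IOSXE_RANGE[1]
    m = IOS_RE.search(show_version)
    return bool(m) and (int(m.group(1)), int(m.group(2))) in AFFECTED_IOS_TRAINS


def wedged_input_queues(show_interfaces: str) -> list:
    """Return interface names whose input queue is full (size >= max), the wedge symptom."""
    wedged, current = [], None
    for line in show_interfaces.splitlines():
        if not line.startswith(" ") and " is " in line:   # interface header line
            current = line.split()[0]
            continue
        m = QUEUE_RE.search(line)
        if m and current and int(m.group(1)) >= int(m.group(2)):
            wedged.append(current)
    return wedged


# Constructed sample output (not captured from a real device) for a stand-alone run.
SAMPLE_VERSION = ("Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), "
                  "Version 15.2(4)M6, RELEASE SOFTWARE (fc2)")
SAMPLE_INTERFACES = """\
GigabitEthernet0/0 is up, line protocol is up
  Hardware is iGbE, address is 0000.0c00.0001 (bia 0000.0c00.0001)
  Input queue: 75/75/12/0 (size/max/drops/flushes); Total output drops: 0
GigabitEthernet0/1 is up, line protocol is up
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
"""

if __name__ == "__main__":
    print("version in affected train:", version_in_scope(SAMPLE_VERSION))
    print("wedged input queues:", wedged_input_queues(SAMPLE_INTERFACES))
```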
Operational Audit Arsenal
Target Type: Process
Target Asset: IOS
Standard Path: Affected Cisco devices
Manual Verification Required
This is a non-Windows asset (Cisco). Use the target asset details and standard path above to compare your running version against the vendor advisories listed below.
Patch Impact Forecast
Reboot Required: Likely
Network connectivity may be disrupted during the patching process.
Internal Work Notes
CVE-2017-6627: Cisco IOS UDP Processing Code Vulnerability - Potential for Denial of Service (DoS) condition due to unauthenticated UDP packet processing
Intelligence Sources
Official Advisory: http://www.securityfocus.com/bid/100644
Official Advisory: http://www.securitytracker.com/id/1039289
Official Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-ios-udp
Official Advisory: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6627
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.