Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cisco - Issue with Clock Signal Component

Published: 2017-02-03
Last Updated: 2017-02-03 14:26:34 UTC
by Lorna Hutcheson (Version: 1)
4 comment(s)

One of our readers, Dalibor Cerar, sent us an email about an issue impacting this point.  While its a hardware issue, the result if it occurs is a self inflicted Denial of Service.  Cisco released a notice on February 2 that some of its products had an issue with the Clock Signal component manufactured by a supplier.  This was discovered late in November 2016.  According to Cisco:

"Although the Cisco products with this component are currently performing normally, we expect product failures to increase over the years, beginning after the unit has been in operation for approximately 18 months. Once the component has failed, the system will stop functioning, will not boot, and is not recoverable."

Keep in mind, Cisco says the component is used by other companies so I would expect to see this list grow to other vendors.

Here is the current list of the known Cisco/Meraki products and the link to their Field Notice:

Optical Networking:
FN-64230 :  NCS1K-CNTLR  

FN-64231 : NCS5500 Line Cards  
FN-64252 : IR809/IR829 Industrial Integrated Services Routers
FN-64253 : ISR4331, ISR4321, ISR4351 and UCS-E120

FN-64228 : ASA 5506, ASA 5506W, ASA 5506H, ASA 5508, and ASA 5516 
FN-64250 : Cisco ISA3000 Industrial Security Appliance
Meraki Notification - MX 84 

FN-64251 - Nexus 9000 Series N9K-C9504-FM-E/N9K-C9508-FM-E/N9K-X9732C-EX 
Meraki Notification - MS350 Series 



4 comment(s)
Diary Archives