Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Cisco - Issue with Clock Signal Component - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco - Issue with Clock Signal Component

One of our readers, Dalibor Cerar, sent us an email about an issue impacting this point.  While its a hardware issue, the result if it occurs is a self inflicted Denial of Service.  Cisco released a notice on February 2 that some of its products had an issue with the Clock Signal component manufactured by a supplier.  This was discovered late in November 2016.  According to Cisco:

"Although the Cisco products with this component are currently performing normally, we expect product failures to increase over the years, beginning after the unit has been in operation for approximately 18 months. Once the component has failed, the system will stop functioning, will not boot, and is not recoverable."

Keep in mind, Cisco says the component is used by other companies so I would expect to see this list grow to other vendors.

Here is the current list of the known Cisco/Meraki products and the link to their Field Notice:

Optical Networking:
FN-64230 :  NCS1K-CNTLR  

FN-64231 : NCS5500 Line Cards  
FN-64252 : IR809/IR829 Industrial Integrated Services Routers
FN-64253 : ISR4331, ISR4321, ISR4351 and UCS-E120

FN-64228 : ASA 5506, ASA 5506W, ASA 5506H, ASA 5508, and ASA 5516 
FN-64250 : Cisco ISA3000 Industrial Security Appliance
Meraki Notification - MX 84 

FN-64251 - Nexus 9000 Series N9K-C9504-FM-E/N9K-C9508-FM-E/N9K-X9732C-EX 
Meraki Notification - MS350 Series 




165 Posts
ISC Handler
Feb 3rd 2017
Just thought I would add some comments from a case I opened with Cisco. Hopefully this is helpful to others using these routers. The routers ISR4331 that are affected with the faulty parts have a serial number lower than " xxx2049xxxx "
I have an 4431 s/n xxx-21xx-xxxx, mfg date 27/Jan/2017 that is vulnerable.
This sounds like the recently announced Intel Avoton/Rangley chipset bug.
You are correct.
Atom C2000 series bug, Errata AVR54
Found here:…
Rob VandenBrink

578 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!