CVE-2017-12240
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
13.9%
p96
KEV
YES
Mar 3, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
13.5%EPSS · 30 days13.9%
2026-06-302026-07-16
Product
Cisco / IOS and IOS XE Software
Vulnerability
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
Added to KEV
Mar 3, 2022
Remediate by
Mar 24, 2022
Known ransomware use
No
Summary description
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-12240
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-6736—99.3%
KEV—80Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—CVE-2017-6737—98.6%
KEV—80Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—CVE-2017-6742—97.3%
KEV—79Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—CVE-2018-0151—96.2%
KEV—79Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability—CVE-2017-6740—95.3%
KEV—79Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—CVE-2017-6739—95.3%
KEV—79Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—