Cisco switches hit by reboot loops due to DNS client bug

Key Points:

• Cisco switches are experiencing reboot loops due to a firmware bug in the internal DNS client service, which treats DNS lookup failures as fatal errors.
• Affected models include CBS, SG, and Catalyst 1200/1300 switches, causing significant disruptions in network operations as devices reboot every few minutes.
• Recommended actions include disabling DNS resolution, disabling SNTP or time synchronization, and blocking outbound internet access from switch management interfaces to mitigate the issue temporarily.

Technical Details: The bug causes fatal errors when attempting to resolve DNS queries for "www.cisco.com" and NTP servers, leading to continuous reboots. Cisco has not publicly disclosed the root cause but has acknowledged the issue to affected customers.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned