Cisco iOS vulnerabilities

CVE-2020-3200 [HIGH] CWE-371 CVE-2020-3200: A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Softwar A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit

CVE-2020-3228 [HIGH] CWE-20 CVE-2020-3228: A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE So A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker coul

CVE-2020-3230 [HIGH] CWE-20 CVE-2020-3230: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerabi

CVE-2020-3199 [HIGH] CWE-20 CVE-2020-3199: Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial In Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges o

CVE-2020-3234 [HIGH] CWE-798 CVE-2020-3234: A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 In A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set

CVE-2020-3225 [HIGH] CWE-20 CVE-2020-3225: Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Ci Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic.

CVE-2020-3257 [HIGH] CWE-20 CVE-2020-3257: Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial In Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges o

CVE-2020-3235 [HIGH] CWE-118 CVE-2020-3235: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object

CVE-2020-3226 [HIGH] CWE-20 CVE-2020-3226: A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exp

CVE-2020-3217 [HIGH] CWE-20 CVE-2020-3217: A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Sof A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insuff

CVE-2020-3205 [HIGH] CWE-20 CVE-2020-3205: A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 an A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, adjacent attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected de

CVE-2020-3204 [MEDIUM] CWE-20 CVE-2020-3204: A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS X A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to t

CVE-2020-3231 [MEDIUM] CWE-284 CVE-2020-3231: A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CD A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacke

CVE-2020-3208 [MEDIUM] CWE-264 CVE-2020-3208: A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Indust A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the i

CVE-2020-3201 [MEDIUM] CWE-20 CVE-2020-3201: A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS X A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter.

CVE-2020-3210 [MEDIUM] CWE-77 CVE-2020-3210: A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have v

CVE-2020-3315 [MEDIUM] CWE-693 CVE-2020-3315: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by se

CVE-2011-4661 [HIGH] CWE-772 CVE-2011-4661: A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PRO A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.

CVE-2019-12655 [HIGH] CWE-20 CVE-2019-12655: A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Tra A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs

CVE-2019-12651 [HIGH] CWE-77 CVE-2019-12651: Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could all Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.