Cisco IOS XE vulnerabilities

CVE-2020-3513 [MEDIUM] CWE-749 CVE-2020-3513: Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. Thes

CVE-2020-3429 [MEDIUM] CWE-20 CVE-2020-3429: A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Sof A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication h

CVE-2020-3516 [MEDIUM] CWE-20 CVE-2020-3516: A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticat A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A su

CVE-2020-3503 [MEDIUM] CWE-284 CVE-2020-3503: A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected

CVE-2020-3465 [MEDIUM] CWE-20 CVE-2020-3465: A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow

CVE-2020-3417 [MEDIUM] CWE-78 CVE-2020-3417: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute per A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific

CVE-2020-3416 [MEDIUM] CWE-749 CVE-2020-3416: Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. Thes

CVE-2019-16009 [HIGH] CWE-352 CVE-2019-16009: A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a us

CVE-2020-3227 [CRITICAL] CWE-264 CVE-2020-3227: A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure i A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization. The vulnerability is due to incorrect handling of requests for authorization tokens. An attacker could exploit this

CVE-2020-3211 [HIGH] CWE-77 CVE-2020-3211: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker who has valid administrative access to an affected device could exploit this

CVE-2020-3200 [HIGH] CWE-371 CVE-2020-3200: A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Softwar A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit

CVE-2020-3232 [HIGH] CWE-19 CVE-2020-3232: A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Ser A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attac

CVE-2020-3228 [HIGH] CWE-20 CVE-2020-3228: A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE So A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker coul

CVE-2020-3203 [HIGH] CWE-400 CVE-2020-3203: A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certa

CVE-2020-3230 [HIGH] CWE-20 CVE-2020-3230: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerabi

CVE-2020-3225 [HIGH] CWE-20 CVE-2020-3225: Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Ci Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic.

CVE-2020-3235 [HIGH] CWE-118 CVE-2020-3235: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object

CVE-2020-3221 [HIGH] CWE-20 CVE-2020-3221: A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisc A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of parameters in a Flexible NetFlow Version 9 re

CVE-2020-3226 [HIGH] CWE-20 CVE-2020-3226: A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exp

CVE-2020-3219 [HIGH] CWE-77 CVE-2020-3219: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vuln