Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-20236

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-13 Sep, 2023 | 16:39
Updated At-23 Oct, 2024 | 19:10
Rejected At-
Credits

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:13 Sep, 2023 | 16:39
Updated At:23 Oct, 2024 | 19:10
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IOS XR Software
Versions
Affected
  • 5.2.0
  • 5.2.1
  • 5.2.2
  • 5.2.4
  • 5.2.3
  • 5.2.5
  • 5.2.47
  • 5.3.0
  • 5.3.1
  • 5.3.2
  • 5.3.3
  • 5.3.4
  • 6.0.0
  • 6.0.1
  • 6.0.2
  • 6.1.1
  • 6.1.2
  • 6.1.3
  • 6.1.4
  • 6.1.12
  • 6.1.22
  • 6.1.32
  • 6.1.36
  • 6.1.42
  • 6.2.1
  • 6.2.2
  • 6.2.3
  • 6.2.25
  • 6.2.11
  • 6.3.2
  • 6.3.3
  • 6.3.15
  • 6.4.1
  • 6.4.2
  • 6.4.3
  • 6.5.1
  • 6.5.2
  • 6.5.3
  • 6.5.25
  • 6.5.26
  • 6.5.28
  • 6.5.29
  • 6.5.32
  • 6.5.33
  • 6.6.2
  • 6.6.3
  • 6.6.25
  • 6.6.4
  • 7.0.1
  • 7.0.2
  • 7.0.12
  • 7.0.14
  • 7.1.1
  • 7.1.15
  • 7.1.2
  • 7.1.3
  • 6.7.1
  • 6.7.2
  • 6.7.3
  • 6.7.4
  • 7.2.0
  • 7.2.1
  • 7.2.2
  • 7.3.1
  • 7.3.15
  • 7.3.2
  • 7.3.3
  • 7.3.5
  • 7.4.1
  • 7.4.2
  • 6.8.1
  • 6.8.2
  • 7.5.1
  • 7.5.3
  • 7.5.2
  • 7.5.4
  • 7.6.1
  • 7.6.2
  • 7.7.1
  • 7.7.2
  • 7.7.21
  • 6.9.1
  • 6.9.2
  • 7.8.1
  • 7.8.2
  • 7.9.1
  • 7.9.2
Problem Types
TypeCWE IDDescription
cweCWE-347Improper Verification of Cryptographic Signature
Type: cwe
CWE ID: CWE-347
Description: Improper Verification of Cryptographic Signature
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Cisco Systems, Inc.cisco
Product
ios_xr_software
CPEs
  • cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 7.9.2 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:13 Sep, 2023 | 17:15
Updated At:25 Jan, 2024 | 17:15

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Cisco Systems, Inc.
cisco
>>ios_xr>>Versions before 7.10.1(exclusive)
cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8201>>-
cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8202>>-
cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8208>>-
cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8212>>-
cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8218>>-
cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8804>>-
cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8808>>-
cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8812>>-
cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8818>>-
cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>8831>>-
cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9000>>-
cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9000v>>-
cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9001>>-
cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9006>>-
cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9010>>-
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9901>>-
cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9902>>-
cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9903>>-
cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9904>>-
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9906>>-
cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9910>>-
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9912>>-
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9920>>-
cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9922>>-
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1001>>-
cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1002>>-
cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1004>>-
cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4009>>-
cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4016>>-
cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4201>>-
cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4202>>-
cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4206>>-
cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_4216>>-
cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5001>>-
cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5002>>-
cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5011>>-
cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_540>>-
cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5500>>-
cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5501>>-
cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5501>>se
cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5502>>-
cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5502>>se
cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5504>>-
cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5508>>-
cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5516>>-
cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_560>>-
cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_560-4>>-
cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_560-7>>-
cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_57b1-5dse-sys>>-
cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-345Primarynvd@nist.gov
CWE-347Secondaryykramarz@cisco.com
CWE ID: CWE-345
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-347
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgBykramarz@cisco.com
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

383Records found
CVE-2021-1449
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Access Point Software Arbitrary Code Execution Vulnerability

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_2800catalyst_9800_firmwareaironet_1800catalyst_iw6300aironet_1560aironet_3800aironet_access_point_softwarecatalyst_9800esw6300wireless_lan_controller_softwareaironet_1540catalyst_91001100_integrated_services_routeraironet_4800Cisco Aironet Access Point Software
CWE ID-CWE-284
Improper Access Control
CVE-2021-1237
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 21:17
Updated-12 Nov, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows DLL Injection Vulnerability

A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system which, in turn, causes a malicious DLL file to be loaded when the application starts. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1280
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.78%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 19:56
Updated-12 Nov, 2024 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-immunetadvanced_malware_protection_for_endpointsCisco AMP for Endpoints
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1428
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:40
Updated-08 Nov, 2024 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1386
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7||HIGH
EPSS-0.13% / 33.28%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:05
Updated-08 Nov, 2024 | 23:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability

A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-clamavimmunetadvanced_malware_protection_for_endpointsCisco AMP for Endpoints
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1426
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7||HIGH
EPSS-0.05% / 15.37%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:42
Updated-08 Nov, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1584
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.15% / 36.20%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 19:10
Updated-07 Nov, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_93108tc-exnx-osnexus_9372pxnexus_9364c-gxnexus_9508nexus_93108tc-fx-24nexus_92304qcnexus_93120txnexus_92160yc-xnexus_93128txnexus_9316d-gxnexus_93108tc-ex-24nexus_9000nexus_9372tx-enexus_93108tc-fx3pnexus_93108tc-fxnexus_93360yc-fx2nexus_9396txnexus_93180yc-fx3snexus_9332cnexus_9364cnexus_92300ycnexus_92348gc-xnexus_9336c-fx2nexus_9348gc-fxpnexus_9272qnexus_93180yc-fx-24nexus_9336c-fx2-enexus_9396pxnexus_93216tc-fx2nexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_93180yc-exnexus_93600cd-gxnexus_9000vnexus_9372px-enexus_9236cnexus_93180yc-fx3nexus_93180yc-ex-24Cisco NX-OS System Software in ACI Mode
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-15274
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.29% / 51.80%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco TelePresence Collaboration Endpoint Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to perform command injections. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating as an administrative level user within the restricted shell and submitting malicious input to a specific command. A successful exploit could allow the attacker to execute previously staged code from the underlying filesystem.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_collaboration_endpointCisco TelePresence TC Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1441
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.70%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of parameters passed to a diagnostic script that is executed when the device boots up. An attacker could exploit this vulnerability by tampering with an executable file stored on a device. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. To exploit this vulnerability, the attacker would need administrative level credentials (level 15) on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeesr6300ir1101Cisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-12699
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.17% / 39.18%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-20 Nov, 2024 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4100firepower_2100firepower_threat_defensefirepower_9300_firmwarefirepower_extensible_operating_systemfirepower_1000Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3595
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.87%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:17
Updated-13 Nov, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this vulnerability by executing the affected command on an affected system. A successful exploit could allow the attacker to gain root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-3600
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.78%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:17
Updated-13 Nov, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI utility that is running on an affected system. A successful exploit could allow the attacker to gain root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-3593
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.78%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:17
Updated-13 Nov, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to a utility that is running on an affected system. A successful exploit could allow the attacker to gain root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-3594
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.78%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:17
Updated-13 Nov, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted options to a specific command. A successful exploit could allow the attacker to gain root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-3601
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 30.62%
||
7 Day CHG~0.00%
Published-08 Oct, 2020 | 04:21
Updated-13 Nov, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosasr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3602
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.12% / 32.38%
||
7 Day CHG~0.00%
Published-08 Oct, 2020 | 04:21
Updated-13 Nov, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosasr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3207
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.57%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:40
Updated-15 Nov, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot. This vulnerability is due to insufficient input validation checks while processing boot options. An attacker could exploit this vulnerability by modifying device boot options to execute attacker-provided code. A successful exploit may allow an attacker to bypass the Secure Boot process and execute malicious code on an affected device with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4xcatalyst_c9300-24pcatalyst_c9500-32qccatalyst_c9200l-24p-4gcatalyst_c9300-48scatalyst_c9300-48pcatalyst_3650-8x24uqcatalyst_3650-12x48urcatalyst_c9300-48ucatalyst_c9300l-48t-4xcatalyst_c9300l-24t-4gcatalyst_c9200l-24pxg-2ycatalyst_3650-24pdcatalyst_c9500-16xcatalyst_c9200-24pcatalyst_c9300-48tcatalyst_c9300l-24t-4xcatalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4gcatalyst_c9200l-24p-4xcatalyst_c9200-48pcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gcatalyst_c9500-12qcatalyst_3650-24pdmcatalyst_c9500-24qcatalyst_3850-24xscatalyst_c9200-48tcatalyst_c9200l-24t-4xcatalyst_c9300-24scatalyst_c9300-48uncatalyst_c9300-48uxmcatalyst_c9300-24tcatalyst_3850-nm-2-40gcatalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gcatalyst_c9200l-24pxg-4xcatalyst_c9500-40xios_xecatalyst_3650-12x48uzcatalyst_c9300l-48t-4gcatalyst_c9300-24ucatalyst_c9200l-48t-4xcatalyst_c9500-48y4ccatalyst_3850-48xscatalyst_3850-nm-8-10gcatalyst_3650-12x48uqcatalyst_c9300-24uxcatalyst_c9200-24tcatalyst_c9500-32ccatalyst_c9200l-48p-4gcatalyst_3650-48fqmcatalyst_3650-48fqcatalyst_c9300l-24p-4gcatalyst_c9200l-48p-4xCisco IOS XE Software 16.9.2
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3455
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.55%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_9300_sm-24firepower_9300_sm-36firepower_4110firepower_extensible_operating_systemfirepower_9300_sm-48firepower_4125firepower_4112firepower_4140firepower_9300_sm-44_x_3firepower_9300_sm-40firepower_4145firepower_4120firepower_9300_sm-56firepower_9300_sm-56_x_3firepower_4115firepower_9300_sm-44Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2020-3180
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.52%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:20
Updated-15 Nov, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Software Static Credentials Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000sd-wan1100-4g_integrated_services_routervedge_100bvedge_100m1100-6g_integrated_services_routervedge_5000vedge_1001100-4gltegb_integrated_services_routervedge_100wmvedge_10001100-4gltena_integrated_services_router1100_integrated_services_routerCisco SD-WAN vManage
CWE ID-CWE-264
Not Available
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-3403
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:02
Updated-13 Nov, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. The authenticated user must have privileged EXEC permissions on the device. The vulnerability is due to insufficient protection of values passed to a script that executes during device startup. An attacker could exploit this vulnerability by writing values to a specific file. A successful exploit could allow the attacker to execute commands with root privileges each time the affected device is restarted.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-l-ccatalyst_9800-40catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3176
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.56%
||
7 Day CHG~0.00%
Published-04 Mar, 2020 | 18:40
Updated-15 Nov, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying certain CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, which could result in a complete system compromise.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-remote_phy_120remote_phy_120_firmwareremote_phy_shelf_7200_firmwareremote_phy_220_firmwareremote_phy_220remote_phy_shelf_7200Cisco Remote PHY
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3416
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.72%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeasr_903asr_902asr_907Cisco IOS XE Software
CWE ID-CWE-749
Exposed Dangerous Method or Function
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-3380
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 41.80%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Data Center Network Manager Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by authenticating as the fmserver user and submitting malicious input to a specific command. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-data_center_network_managerCisco Data Center Network Manager
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2020-3417
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 24.07%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3214
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.39%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:41
Updated-15 Nov, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4xcatalyst_c9300-24pws-c3650-24pdws-c3650-48fsws-c3850-48pcatalyst_c9407rcatalyst_c9300-48pws-c3650-24tdws-c3850-24pcatalyst_c9300-48u1100_integrated_services_routerws-c3650-8x24uq4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_9800-l-cws-c3650-48tscatalyst_c9200-24pasr_1000-xcatalyst_c9300-48tcatalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4gcatalyst_c9500-12q111x_integrated_services_routercatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_9800-lcatalyst_c9300-24sasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4cws-c3650-12x48uqcatalyst_c9200l-24t-4gws-c3650-48tdws-c3650-24psasr_1001catalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdcatalyst_9800-clws-c3650-48tqcatalyst_c9500-32ccatalyst_c9200l-48p-4gasr_1002-xws-c3650-12x48uzcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcws-c3850-48xsws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48f1160_integrated_services_routerws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48pscatalyst_c9300l-24t-4gws-c3850-24tcatalyst_c9200l-24pxg-2yws-c3850-24uasr_1002catalyst_c9300l-24t-4xcatalyst_9800-80catalyst_9800-l-fws-c3650-24tsasr_10041109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gcatalyst_c9200-48p1120_integrated_services_routerws-c3650-48pdcatalyst_c9300-48uncatalyst_c9200l-24t-4x1111x_integrated_services_routercatalyst_c9300-48uxmws-c3650-48pqcatalyst_9800-40catalyst_c9300-24t4431_integrated_services_routernexus_1000vcatalyst_c9200l-24pxg-4xcatalyst_c9500-40xios_xecatalyst_c9300l-48t-4gcatalyst_c9500-48y4casr_1006ws-c3850-24sws-c3850-24xscatalyst_c9300-24uxcatalyst_c9200-24tasr_1001-xws-c3650-24pdm1101_integrated_services_routerws-c3850-12xsws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4x422_integrated_services_routercatalyst_c9410rCisco IOS XE Software 16.11.1
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3433
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-7.30% / 91.29%
||
7 Day CHG+0.79%
Published-17 Aug, 2020 | 18:01
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-11-14||Apply updates per vendor instructions.
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility ClientAnyConnect Secure
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-3545
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-04 Sep, 2020 | 02:25
Updated-13 Nov, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software Buffer Overflow Vulnerability

A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4112firepower_4150firepower_4140firepower_4145firepower_4110firepower_4120firepower_extensible_operating_systemfirepower_4125firepower_4115Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3404
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.33%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:02
Updated-13 Nov, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Consent Token Bypass Vulnerability

A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by authenticating to the persistent Telnet/SSH CLI on an affected device and requesting shell access. A successful exploit could allow the attacker to gain shell access on the affected device and execute commands on the underlying OS with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS XE Software
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-3458
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.11%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_1010firepower_2140firepower_1140firepower_2120adaptive_security_appliance_softwarefirepower_2130firepower_1120firepower_1150firepower_2110firepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2020-3210
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.64%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:40
Updated-15 Nov, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability

A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have valid user credentials at privilege level 15. The vulnerability is due to insufficient validation of arguments that are passed to specific VDS-related CLI commands. An attacker could exploit this vulnerability by authenticating to the targeted device and including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios11201240829809Cisco IOS 12.2(60)EZ16
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3253
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.24%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Shell Access Vulnerability

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-284
Improper Access Control
CVE-2020-3173
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.92%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:50
Updated-15 Nov, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_6332-16upucs_managerucs_6454ucs_6324ucs_6296upucs_64108ucs_6248upucs_6332Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3473
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.11%
||
7 Day CHG~0.00%
Published-04 Sep, 2020 | 02:26
Updated-13 Nov, 2024 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker could exploit this vulnerability by first authenticating to the local CLI shell on the device and using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on the device without authorization checks.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201ncs_5502-sencs_5508ncs_5501ncs_4009ncs_560881288188202ios_xrv_9000ncs_5516ncs_5501-sencs_6000ncs_60088808ncs_540ncs_4016ios_xrncs_5502Cisco IOS XR Software
CWE ID-CWE-264
Not Available
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-3266
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.44%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 15:35
Updated-15 Nov, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Command Injection Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_20001100-4g_integrated_services_routervedge_100m1100-6g_integrated_services_routervedge_5000sd-wan_firmwarevedge_1001100-4gltegb_integrated_services_routervedge_100wmvedge_10001100-4gltena_integrated_services_routervedge_100bCisco SD-WAN Solution
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3394
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.78%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:40
Updated-13 Nov, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability

A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinenexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3132c-znexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_3524nexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_92304qcnexus_92160yc-xnexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_92300ycnexus_3064nexus_3232cnexus_9396pxnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlCisco NX-OS Software
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-862
Missing Authorization
CVE-2020-3427
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 22.36%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 18:15
Updated-13 Nov, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Duo Authentication for Windows Logon and RDP Privilege Escalation Vulnerability

The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Windows Logon, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. Note that this can only exploitable during new installations while the installer is running and is not exploitable once installation is finished. Versions 4.1.2 of Windows Logon addresses this issue.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-duo_authentication_for_windows_logon_and_rdpDuo Authentication for Windows Logon and RDP
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2020-3459
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 39.34%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_9300_sm-24firepower_9300_sm-36firepower_4110firepower_extensible_operating_systemfirepower_9300_sm-48firepower_4125firepower_4112firepower_4140firepower_9300_sm-44_x_3firepower_9300_sm-40firepower_4145firepower_4120firepower_9300_sm-56firepower_9300_sm-56_x_3firepower_4115firepower_9300_sm-44Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3166
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.17% / 38.73%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:51
Updated-15 Nov, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4150firepower_1010firepower_1140firepower_2120firepower_2130adaptive_security_appliance_softwarefirepower_4110firepower_1120firepower_extensible_operating_systemfirepower_2110firepower_4125firepower_4140firepower_2140firepower_4145firepower_4120firepower_1150firepower_4115firepower_threat_defenseCisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3169
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:50
Updated-15 Nov, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_9300_sm-24firepower_9300_sm-36firepower_4110firepower_extensible_operating_systemfirepower_9300_sm-48firepower_4125firepower_4140firepower_9300_sm-44_x_3firepower_9300_sm-40firepower_4145firepower_4120firepower_9300_sm-56firepower_9300_sm-56_x_3firepower_4115firepower_9300_sm-44Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3215
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.09%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:41
Updated-15 Nov, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software 3.8.0S
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3457
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 36.28%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_1010firepower_1140firepower_2120firepower_2130adaptive_security_appliance_softwarefirepower_9300_sm-24firepower_9300_sm-36firepower_2100firepower_4110firepower_1120firepower_extensible_operating_systemfirepower_2110firepower_4125firepower_1000firepower_9300_sm-48firepower_4112firepower_4140firepower_2140firepower_9300_sm-44_x_3firepower_9300_sm-40firepower_4145firepower_4120firepower_9300_sm-56firepower_9300_sm-56_x_3firepower_threat_defensefirepower_1150firepower_4115firepower_9300_sm-44Cisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3423
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 18.31%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device. The vulnerability is due to insufficient restrictions on Lua function calls within the context of user-supplied Lua scripts. An attacker with valid administrative credentials could exploit this vulnerability by submitting a malicious Lua script. When this file is processed, an exploitable buffer overflow condition could occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux OS of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_router1111x_integrated_services_routerasr_10134321_integrated_services_routercbr-8_converged_broadband_router4351_integrated_services_router4431_integrated_services_router1160_integrated_services_routercloud_services_router_1000vasr_1002-hx1100_integrated_services_routerios_xe4221_integrated_services_router4331_integrated_services_routerasr_10064461_integrated_services_routerasr_1001-xasr_10041109_integrated_services_router1101_integrated_services_routerasr_1001-hxasr_1002-x111x_integrated_services_router1120_integrated_services_routerasr_1009-xasr_1006-xCisco IOS XE Software 3.7.0S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-3167
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.26%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:51
Updated-15 Nov, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4150firepower_1010ucs_6332-16upfirepower_1140firepower_2120firepower_2130adaptive_security_appliance_softwareucs_64108ucs_6296upfirepower_4110firepower_1120ucs_6248upfirepower_extensible_operating_systemfirepower_2110firepower_4125firepower_4140firepower_2140ucs_managerucs_6454ucs_6324firepower_4145firepower_4120firepower_1150firepower_4115firepower_threat_defenseucs_6332Cisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3152
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.77%
||
7 Day CHG~0.00%
Published-26 Aug, 2020 | 16:16
Updated-13 Nov, 2024 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Connected Mobile Experiences Privilege Escalation Vulnerability

A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, an attacker would need to have valid administrative credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-connected_mobile_experiencesCisco Connected Mobile Experiences
CWE ID-CWE-275
Not Available
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-3388
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:22
Updated-13 Nov, 2024 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated to access the CLI. A successful exploit could allow the attacker to execute commands with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-1100-4g_integrated_services_router1100-6g_integrated_services_routersd-wan_firmware1100-4gltegb_integrated_services_router1100-4gltena_integrated_services_routerCisco SD-WAN vManage
CWE ID-CWE-287
Improper Authentication
CVE-2020-3513
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.72%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeasr_903ncs_4216_f2bncs_4206ncs_4216asr_907asr_902Cisco IOS XE Software
CWE ID-CWE-749
Exposed Dangerous Method or Function
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-3514
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.03% / 7.00%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials on the device.The vulnerability exists because a configuration file that is used at container startup has insufficient protections. An attacker could exploit this vulnerability by modifying a specific container configuration file on the underlying file system. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running Cisco FTD instances or the host Cisco FXOS device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-216
DEPRECATED: Containment Errors (Container Errors)
CVE-2020-27129
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.18%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:15
Updated-13 Nov, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Software Command Injection Vulnerability

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the affected application. An attacker could exploit this vulnerability by sending malicious requests to the affected application. A successful exploit could allow the attacker to inject arbitrary commands and potentially gain elevated privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanageCisco SD-WAN vManage
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2020-27122
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 13.63%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:15
Updated-13 Nov, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerability

A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. To exploit this vulnerability, an attacker would need to have a valid administrator account on an affected device. The vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to the system with a crafted Active Directory account. A successful exploit could allow the attacker to obtain root privileges on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-26074
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.72%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 15:56
Updated-04 Aug, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Privilege Escalation Vulnerability

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An attacker could exploit this vulnerability by sending requests that contain specially crafted path variables to the vulnerable system. A successful exploit could allow the attacker to overwrite arbitrary files, allowing the attacker to modify the system in such a way that could allow the attacker to gain escalated privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco Catalyst SD-WAN Managercatalyst_sd-wan_manager
CWE ID-CWE-250
Execution with Unnecessary Privileges
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found