CVE-2020-3258 - OpenCVE

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	1120 1240 Ios Ir809g-lte-ga-k9 Ir809g-lte-la-k9 Ir809g-lte-na-k9 Ir809g-lte-vz-k9 Ir829-2lte-ea-ak9 Ir829-2lte-ea-bk9 Ir829-2lte-ea-ek9 Ir829gw-lte-ga-ck9 Ir829gw-lte-ga-ek9 Ir829gw-lte-ga-sk9 Ir829gw-lte-ga-zk9 Ir829gw-lte-na-ak9 Ir829gw-lte-vz-ak9

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ios:15.8\(3\)m2:::::::*
	cpe:2.3:o:cisco:ios:15.8\(9\):::::::*
	cpe:2.3:o:cisco:ios:15.9:::::::*

OR	cpe:2.3:h:cisco:1120:-:::::::*
	cpe:2.3:h:cisco:1240:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-ga-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-la-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-na-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-vz-k9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:::::::*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-06-03T17:56:13.400169Z

Updated: 2024-09-17T04:04:06.445Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3258

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-06-03T18:15:21.997

Modified: 2021-10-26T16:30:20.370

Link: CVE-2020-3258

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object