CVE-2020-3198: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities

First published: Wed Jun 03 2020(Updated: )

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=12.2\(60\)ez16
Cisco IOS	=15.0\(2\)sg11a
Cisco IOS	=15.3\(3\)jaa1
Cisco IOS	=15.3\(3\)jpj
Cisco IOS	=15.4\(1\)cg
Cisco IOS	=15.4\(2\)cg
Cisco IOS	=15.4\(3\)m
Cisco IOS	=15.4\(3\)m1
Cisco IOS	=15.4\(3\)m2
Cisco IOS	=15.4\(3\)m3
Cisco IOS	=15.4\(3\)m4
Cisco IOS	=15.4\(3\)m5
Cisco IOS	=15.4\(3\)m6
Cisco IOS	=15.4\(3\)m6a
Cisco IOS	=15.4\(3\)m7
Cisco IOS	=15.4\(3\)m8
Cisco IOS	=15.4\(3\)m9
Cisco IOS	=15.4\(3\)m10
Cisco IOS	=15.5\(1\)t
Cisco IOS	=15.5\(1\)t2
Cisco IOS	=15.5\(1\)t3
Cisco IOS	=15.5\(1\)t4
Cisco IOS	=15.5\(2\)t
Cisco IOS	=15.5\(2\)t1
Cisco IOS	=15.5\(2\)t2
Cisco IOS	=15.5\(2\)t3
Cisco IOS	=15.5\(2\)t4
Cisco IOS	=15.5\(3\)m
Cisco IOS	=15.5\(3\)m0a
Cisco IOS	=15.5\(3\)m1
Cisco IOS	=15.5\(3\)m2
Cisco IOS	=15.5\(3\)m2a
Cisco IOS	=15.5\(3\)m3
Cisco IOS	=15.5\(3\)m4
Cisco IOS	=15.5\(3\)m4a
Cisco IOS	=15.5\(3\)m5
Cisco IOS	=15.5\(3\)m6
Cisco IOS	=15.5\(3\)m6a
Cisco IOS	=15.5\(3\)m7
Cisco IOS	=15.5\(3\)m8
Cisco IOS	=15.5\(3\)m9
Cisco IOS	=15.5\(3\)m10
Cisco IOS	=15.5\(3\)m11
Cisco IOS	=15.6\(1\)t
Cisco IOS	=15.6\(1\)t0a
Cisco IOS	=15.6\(1\)t1
Cisco IOS	=15.6\(1\)t2
Cisco IOS	=15.6\(1\)t3
Cisco IOS	=15.6\(2\)t
Cisco IOS	=15.6\(2\)t1
Cisco IOS	=15.6\(2\)t2
Cisco IOS	=15.6\(2\)t3
Cisco IOS	=15.6\(3\)m
Cisco IOS	=15.6\(3\)m0a
Cisco IOS	=15.6\(3\)m1
Cisco IOS	=15.6\(3\)m1b
Cisco IOS	=15.6\(3\)m2
Cisco IOS	=15.6\(3\)m3
Cisco IOS	=15.6\(3\)m3a
Cisco IOS	=15.6\(3\)m4
Cisco IOS	=15.6\(3\)m5
Cisco IOS	=15.6\(3\)m6
Cisco IOS	=15.6\(3\)m6a
Cisco IOS	=15.6\(3\)m6b
Cisco IOS	=15.6\(3\)m7
Cisco IOS	=15.7\(3\)m
Cisco IOS	=15.7\(3\)m1
Cisco IOS	=15.7\(3\)m2
Cisco IOS	=15.7\(3\)m3
Cisco IOS	=15.7\(3\)m4
Cisco IOS	=15.7\(3\)m4a
Cisco IOS	=15.7\(3\)m4b
Cisco IOS	=15.7\(3\)m5
Cisco IOS	=15.8\(3\)m
Cisco IOS	=15.8\(3\)m0a
Cisco IOS	=15.8\(3\)m1
Cisco IOS	=15.8\(3\)m2
Cisco IOS	=15.8\(3\)m2a
Cisco IOS	=15.8\(3\)m3
Cisco IOS	=15.8\(3\)m3a
Cisco IOS	=15.8\(3\)m3b
Cisco IOS	=15.9\(3\)m
Cisco IOS	=15.9\(3\)m0a
Cisco 1120
Cisco 1240
Cisco 809
Cisco 829

Remedy

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/severity
agent/weakness
agent/remedy
agent/title
agent/author
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/cisco
canonical/cisco ios
version/cisco ios/12.2\(60\)ez16
version/cisco ios/15.0\(2\)sg11a
version/cisco ios/15.3\(3\)jaa1
version/cisco ios/15.3\(3\)jpj
version/cisco ios/15.4\(1\)cg
version/cisco ios/15.4\(2\)cg
version/cisco ios/15.4\(3\)m
version/cisco ios/15.4\(3\)m1
version/cisco ios/15.4\(3\)m2
version/cisco ios/15.4\(3\)m3
version/cisco ios/15.4\(3\)m4
version/cisco ios/15.4\(3\)m5
version/cisco ios/15.4\(3\)m6
version/cisco ios/15.4\(3\)m6a
version/cisco ios/15.4\(3\)m7
version/cisco ios/15.4\(3\)m8
version/cisco ios/15.4\(3\)m9
version/cisco ios/15.4\(3\)m10
version/cisco ios/15.5\(1\)t
version/cisco ios/15.5\(1\)t2
version/cisco ios/15.5\(1\)t3
version/cisco ios/15.5\(1\)t4
version/cisco ios/15.5\(2\)t
version/cisco ios/15.5\(2\)t1
version/cisco ios/15.5\(2\)t2
version/cisco ios/15.5\(2\)t3
version/cisco ios/15.5\(2\)t4
version/cisco ios/15.5\(3\)m
version/cisco ios/15.5\(3\)m0a
version/cisco ios/15.5\(3\)m1
version/cisco ios/15.5\(3\)m2
version/cisco ios/15.5\(3\)m2a
version/cisco ios/15.5\(3\)m3
version/cisco ios/15.5\(3\)m4
version/cisco ios/15.5\(3\)m4a
version/cisco ios/15.5\(3\)m5
version/cisco ios/15.5\(3\)m6
version/cisco ios/15.5\(3\)m6a
version/cisco ios/15.5\(3\)m7
version/cisco ios/15.5\(3\)m8
version/cisco ios/15.5\(3\)m9
version/cisco ios/15.5\(3\)m10
version/cisco ios/15.5\(3\)m11
version/cisco ios/15.6\(1\)t
version/cisco ios/15.6\(1\)t0a
version/cisco ios/15.6\(1\)t1
version/cisco ios/15.6\(1\)t2
version/cisco ios/15.6\(1\)t3
version/cisco ios/15.6\(2\)t
version/cisco ios/15.6\(2\)t1
version/cisco ios/15.6\(2\)t2
version/cisco ios/15.6\(2\)t3
version/cisco ios/15.6\(3\)m
version/cisco ios/15.6\(3\)m0a
version/cisco ios/15.6\(3\)m1
version/cisco ios/15.6\(3\)m1b
version/cisco ios/15.6\(3\)m2
version/cisco ios/15.6\(3\)m3
version/cisco ios/15.6\(3\)m3a
version/cisco ios/15.6\(3\)m4
version/cisco ios/15.6\(3\)m5
version/cisco ios/15.6\(3\)m6
version/cisco ios/15.6\(3\)m6a
version/cisco ios/15.6\(3\)m6b
version/cisco ios/15.6\(3\)m7
version/cisco ios/15.7\(3\)m
version/cisco ios/15.7\(3\)m1
version/cisco ios/15.7\(3\)m2
version/cisco ios/15.7\(3\)m3
version/cisco ios/15.7\(3\)m4
version/cisco ios/15.7\(3\)m4a
version/cisco ios/15.7\(3\)m4b
version/cisco ios/15.7\(3\)m5
version/cisco ios/15.8\(3\)m
version/cisco ios/15.8\(3\)m0a
version/cisco ios/15.8\(3\)m1
version/cisco ios/15.8\(3\)m2
version/cisco ios/15.8\(3\)m2a
version/cisco ios/15.8\(3\)m3
version/cisco ios/15.8\(3\)m3a
version/cisco ios/15.8\(3\)m3b
version/cisco ios/15.9\(3\)m
version/cisco ios/15.9\(3\)m0a
canonical/cisco 1120
canonical/cisco 1240
canonical/cisco 809
canonical/cisco 829

CVE-2020-3198: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact