CVE-2020-3198: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
First published: Wed Jun 03 2020(Updated: )
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =12.2\(60\)ez16 | |
| Cisco IOS | =15.0\(2\)sg11a | |
| Cisco IOS | =15.3\(3\)jaa1 | |
| Cisco IOS | =15.3\(3\)jpj | |
| Cisco IOS | =15.4\(1\)cg | |
| Cisco IOS | =15.4\(2\)cg | |
| Cisco IOS | =15.4\(3\)m | |
| Cisco IOS | =15.4\(3\)m1 | |
| Cisco IOS | =15.4\(3\)m2 | |
| Cisco IOS | =15.4\(3\)m3 | |
| Cisco IOS | =15.4\(3\)m4 | |
| Cisco IOS | =15.4\(3\)m5 | |
| Cisco IOS | =15.4\(3\)m6 | |
| Cisco IOS | =15.4\(3\)m6a | |
| Cisco IOS | =15.4\(3\)m7 | |
| Cisco IOS | =15.4\(3\)m8 | |
| Cisco IOS | =15.4\(3\)m9 | |
| Cisco IOS | =15.4\(3\)m10 | |
| Cisco IOS | =15.5\(1\)t | |
| Cisco IOS | =15.5\(1\)t2 | |
| Cisco IOS | =15.5\(1\)t3 | |
| Cisco IOS | =15.5\(1\)t4 | |
| Cisco IOS | =15.5\(2\)t | |
| Cisco IOS | =15.5\(2\)t1 | |
| Cisco IOS | =15.5\(2\)t2 | |
| Cisco IOS | =15.5\(2\)t3 | |
| Cisco IOS | =15.5\(2\)t4 | |
| Cisco IOS | =15.5\(3\)m | |
| Cisco IOS | =15.5\(3\)m0a | |
| Cisco IOS | =15.5\(3\)m1 | |
| Cisco IOS | =15.5\(3\)m2 | |
| Cisco IOS | =15.5\(3\)m2a | |
| Cisco IOS | =15.5\(3\)m3 | |
| Cisco IOS | =15.5\(3\)m4 | |
| Cisco IOS | =15.5\(3\)m4a | |
| Cisco IOS | =15.5\(3\)m5 | |
| Cisco IOS | =15.5\(3\)m6 | |
| Cisco IOS | =15.5\(3\)m6a | |
| Cisco IOS | =15.5\(3\)m7 | |
| Cisco IOS | =15.5\(3\)m8 | |
| Cisco IOS | =15.5\(3\)m9 | |
| Cisco IOS | =15.5\(3\)m10 | |
| Cisco IOS | =15.5\(3\)m11 | |
| Cisco IOS | =15.6\(1\)t | |
| Cisco IOS | =15.6\(1\)t0a | |
| Cisco IOS | =15.6\(1\)t1 | |
| Cisco IOS | =15.6\(1\)t2 | |
| Cisco IOS | =15.6\(1\)t3 | |
| Cisco IOS | =15.6\(2\)t | |
| Cisco IOS | =15.6\(2\)t1 | |
| Cisco IOS | =15.6\(2\)t2 | |
| Cisco IOS | =15.6\(2\)t3 | |
| Cisco IOS | =15.6\(3\)m | |
| Cisco IOS | =15.6\(3\)m0a | |
| Cisco IOS | =15.6\(3\)m1 | |
| Cisco IOS | =15.6\(3\)m1b | |
| Cisco IOS | =15.6\(3\)m2 | |
| Cisco IOS | =15.6\(3\)m3 | |
| Cisco IOS | =15.6\(3\)m3a | |
| Cisco IOS | =15.6\(3\)m4 | |
| Cisco IOS | =15.6\(3\)m5 | |
| Cisco IOS | =15.6\(3\)m6 | |
| Cisco IOS | =15.6\(3\)m6a | |
| Cisco IOS | =15.6\(3\)m6b | |
| Cisco IOS | =15.6\(3\)m7 | |
| Cisco IOS | =15.7\(3\)m | |
| Cisco IOS | =15.7\(3\)m1 | |
| Cisco IOS | =15.7\(3\)m2 | |
| Cisco IOS | =15.7\(3\)m3 | |
| Cisco IOS | =15.7\(3\)m4 | |
| Cisco IOS | =15.7\(3\)m4a | |
| Cisco IOS | =15.7\(3\)m4b | |
| Cisco IOS | =15.7\(3\)m5 | |
| Cisco IOS | =15.8\(3\)m | |
| Cisco IOS | =15.8\(3\)m0a | |
| Cisco IOS | =15.8\(3\)m1 | |
| Cisco IOS | =15.8\(3\)m2 | |
| Cisco IOS | =15.8\(3\)m2a | |
| Cisco IOS | =15.8\(3\)m3 | |
| Cisco IOS | =15.8\(3\)m3a | |
| Cisco IOS | =15.8\(3\)m3b | |
| Cisco IOS | =15.9\(3\)m | |
| Cisco IOS | =15.9\(3\)m0a | |
| Cisco 1120 Firmware | ||
| Cisco Aironet AP1240 | ||
| Cisco IR809G-LTE-GA-K9 | ||
| Cisco 829 |
Remedy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3198?
CVE-2020-3198 is rated as high severity due to its potential for remote code execution.
Who is affected by CVE-2020-3198?
CVE-2020-3198 affects multiple versions of Cisco IOS Software on specific Cisco 809 and 829 Industrial ISR and CGR1000 routers.
How do I fix CVE-2020-3198?
To fix CVE-2020-3198, apply the relevant software updates provided by Cisco for affected IOS versions.
What type of vulnerability is CVE-2020-3198?
CVE-2020-3198 is a remote code execution vulnerability that can be exploited by unauthenticated attackers.
Can CVE-2020-3198 be exploited locally?
Yes, CVE-2020-3198 can also be exploited by authenticated local attackers.
- agent/type
- agent/references
- agent/severity
- agent/weakness
- agent/remedy
- agent/title
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/puppet cisco ios
- version/puppet cisco ios/12.2\(60\)ez16
- version/puppet cisco ios/15.0\(2\)sg11a
- version/puppet cisco ios/15.3\(3\)jaa1
- version/puppet cisco ios/15.3\(3\)jpj
- version/puppet cisco ios/15.4\(1\)cg
- version/puppet cisco ios/15.4\(2\)cg
- version/puppet cisco ios/15.4\(3\)m
- version/puppet cisco ios/15.4\(3\)m1
- version/puppet cisco ios/15.4\(3\)m2
- version/puppet cisco ios/15.4\(3\)m3
- version/puppet cisco ios/15.4\(3\)m4
- version/puppet cisco ios/15.4\(3\)m5
- version/puppet cisco ios/15.4\(3\)m6
- version/puppet cisco ios/15.4\(3\)m6a
- version/puppet cisco ios/15.4\(3\)m7
- version/puppet cisco ios/15.4\(3\)m8
- version/puppet cisco ios/15.4\(3\)m9
- version/puppet cisco ios/15.4\(3\)m10
- version/puppet cisco ios/15.5\(1\)t
- version/puppet cisco ios/15.5\(1\)t2
- version/puppet cisco ios/15.5\(1\)t3
- version/puppet cisco ios/15.5\(1\)t4
- version/puppet cisco ios/15.5\(2\)t
- version/puppet cisco ios/15.5\(2\)t1
- version/puppet cisco ios/15.5\(2\)t2
- version/puppet cisco ios/15.5\(2\)t3
- version/puppet cisco ios/15.5\(2\)t4
- version/puppet cisco ios/15.5\(3\)m
- version/puppet cisco ios/15.5\(3\)m0a
- version/puppet cisco ios/15.5\(3\)m1
- version/puppet cisco ios/15.5\(3\)m2
- version/puppet cisco ios/15.5\(3\)m2a
- version/puppet cisco ios/15.5\(3\)m3
- version/puppet cisco ios/15.5\(3\)m4
- version/puppet cisco ios/15.5\(3\)m4a
- version/puppet cisco ios/15.5\(3\)m5
- version/puppet cisco ios/15.5\(3\)m6
- version/puppet cisco ios/15.5\(3\)m6a
- version/puppet cisco ios/15.5\(3\)m7
- version/puppet cisco ios/15.5\(3\)m8
- version/puppet cisco ios/15.5\(3\)m9
- version/puppet cisco ios/15.5\(3\)m10
- version/puppet cisco ios/15.5\(3\)m11
- version/puppet cisco ios/15.6\(1\)t
- version/puppet cisco ios/15.6\(1\)t0a
- version/puppet cisco ios/15.6\(1\)t1
- version/puppet cisco ios/15.6\(1\)t2
- version/puppet cisco ios/15.6\(1\)t3
- version/puppet cisco ios/15.6\(2\)t
- version/puppet cisco ios/15.6\(2\)t1
- version/puppet cisco ios/15.6\(2\)t2
- version/puppet cisco ios/15.6\(2\)t3
- version/puppet cisco ios/15.6\(3\)m
- version/puppet cisco ios/15.6\(3\)m0a
- version/puppet cisco ios/15.6\(3\)m1
- version/puppet cisco ios/15.6\(3\)m1b
- version/puppet cisco ios/15.6\(3\)m2
- version/puppet cisco ios/15.6\(3\)m3
- version/puppet cisco ios/15.6\(3\)m3a
- version/puppet cisco ios/15.6\(3\)m4
- version/puppet cisco ios/15.6\(3\)m5
- version/puppet cisco ios/15.6\(3\)m6
- version/puppet cisco ios/15.6\(3\)m6a
- version/puppet cisco ios/15.6\(3\)m6b
- version/puppet cisco ios/15.6\(3\)m7
- version/puppet cisco ios/15.7\(3\)m
- version/puppet cisco ios/15.7\(3\)m1
- version/puppet cisco ios/15.7\(3\)m2
- version/puppet cisco ios/15.7\(3\)m3
- version/puppet cisco ios/15.7\(3\)m4
- version/puppet cisco ios/15.7\(3\)m4a
- version/puppet cisco ios/15.7\(3\)m4b
- version/puppet cisco ios/15.7\(3\)m5
- version/puppet cisco ios/15.8\(3\)m
- version/puppet cisco ios/15.8\(3\)m0a
- version/puppet cisco ios/15.8\(3\)m1
- version/puppet cisco ios/15.8\(3\)m2
- version/puppet cisco ios/15.8\(3\)m2a
- version/puppet cisco ios/15.8\(3\)m3
- version/puppet cisco ios/15.8\(3\)m3a
- version/puppet cisco ios/15.8\(3\)m3b
- version/puppet cisco ios/15.9\(3\)m
- version/puppet cisco ios/15.9\(3\)m0a
- canonical/cisco 1120 firmware
- canonical/cisco aironet ap1240
- canonical/cisco ir809g-lte-ga-k9
- canonical/cisco 829