First published: Wed Jun 03 2020(Updated: )
A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have valid user credentials at privilege level 15. The vulnerability is due to insufficient validation of arguments that are passed to specific VDS-related CLI commands. An attacker could exploit this vulnerability by authenticating to the targeted device and including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS | =12.2\(60\)ez16 | |
Cisco IOS | =15.0\(2\)sg11a | |
Cisco IOS | =15.3\(3\)jaa1 | |
Cisco IOS | =15.3\(3\)jpj | |
Cisco IOS | =15.9\(3\)m | |
Cisco IOS | =15.9\(3\)m0a | |
Cisco 1120 | ||
Cisco 1240 | ||
Cisco 809 | ||
Cisco 829 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-3210 is a vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server.
CVE-2020-3210 has a severity rating of 6.7, which is considered high.
CVE-2020-3210 affects Cisco IOS Software versions 12.2(60)ez16, 15.0(2)sg11a, 15.3(3)jaa1, 15.3(3)jpj, 15.9(3)m, and 15.9(3)m0a.
CVE-2020-3210 is associated with CWE-78 and CWE-77.
To fix CVE-2020-3210, it is recommended to upgrade to a fixed version of Cisco IOS Software.