high
8.6
CWE
20
Advisory Published
Updated

CVE-2020-3225: Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities

First published: Wed Jun 03 2020(Updated: )

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco IOS=12.2\(44\)ex
Cisco IOS=12.2\(44\)ex1
Cisco IOS=12.2\(46\)se1
Cisco IOS=12.2\(46\)se2
Cisco IOS=12.2\(50\)se
Cisco IOS=12.2\(50\)se1
Cisco IOS=12.2\(50\)se2
Cisco IOS=12.2\(50\)se3
Cisco IOS=12.2\(50\)se4
Cisco IOS=12.2\(50\)se5
Cisco IOS=12.2\(52\)se
Cisco IOS=12.2\(52\)se1
Cisco IOS=12.2\(55\)se
Cisco IOS=12.2\(55\)se3
Cisco IOS=12.2\(55\)se4
Cisco IOS=12.2\(55\)se5
Cisco IOS=12.2\(55\)se6
Cisco IOS=12.2\(55\)se7
Cisco IOS=12.2\(55\)se9
Cisco IOS=12.2\(55\)se10
Cisco IOS=12.2\(55\)se11
Cisco IOS=12.2\(55\)se12
Cisco IOS=12.2\(55\)se13
Cisco IOS=12.2\(55\)se13a
Cisco IOS=12.2\(58\)se
Cisco IOS=12.2\(58\)se1
Cisco IOS=12.2\(58\)se2
Cisco IOS=12.2\(60\)ez16
Cisco IOS=15.0\(1\)ey
Cisco IOS=15.0\(1\)ey1
Cisco IOS=15.0\(1\)ey2
Cisco IOS=15.0\(2\)ek
Cisco IOS=15.0\(2\)ek1
Cisco IOS=15.0\(2\)ex2
Cisco IOS=15.0\(2\)ex8
Cisco IOS=15.0\(2\)ey
Cisco IOS=15.0\(2\)ey1
Cisco IOS=15.0\(2\)ey2
Cisco IOS=15.0\(2\)ey3
Cisco IOS=15.0\(2\)se
Cisco IOS=15.0\(2\)se1
Cisco IOS=15.0\(2\)se2
Cisco IOS=15.0\(2\)se3
Cisco IOS=15.0\(2\)se4
Cisco IOS=15.0\(2\)se5
Cisco IOS=15.0\(2\)se6
Cisco IOS=15.0\(2\)se7
Cisco IOS=15.0\(2\)se8
Cisco IOS=15.0\(2\)se9
Cisco IOS=15.0\(2\)se10
Cisco IOS=15.0\(2\)se10a
Cisco IOS=15.0\(2\)se11
Cisco IOS=15.0\(2\)se12
Cisco IOS=15.0\(2\)se13
Cisco IOS=15.0\(2\)se13a
Cisco IOS=15.0\(2\)sg11a
Cisco IOS=15.2\(1\)ey
Cisco IOS=15.2\(2\)e
Cisco IOS=15.2\(2\)e1
Cisco IOS=15.2\(2\)e2
Cisco IOS=15.2\(2\)e3
Cisco IOS=15.2\(2\)e4
Cisco IOS=15.2\(2\)e5
Cisco IOS=15.2\(2\)e5a
Cisco IOS=15.2\(2\)e5b
Cisco IOS=15.2\(2\)e6
Cisco IOS=15.2\(2\)e7
Cisco IOS=15.2\(2\)e7b
Cisco IOS=15.2\(2\)e8
Cisco IOS=15.2\(2\)e9
Cisco IOS=15.2\(2\)e10
Cisco IOS=15.2\(2\)ea
Cisco IOS=15.2\(2\)ea1
Cisco IOS=15.2\(2\)ea2
Cisco IOS=15.2\(2\)ea3
Cisco IOS=15.2\(2\)eb
Cisco IOS=15.2\(2\)eb1
Cisco IOS=15.2\(2\)eb2
Cisco IOS=15.2\(2b\)e
Cisco IOS=15.2\(3\)e1
Cisco IOS=15.2\(3\)e2
Cisco IOS=15.2\(3\)e3
Cisco IOS=15.2\(3\)e4
Cisco IOS=15.2\(3\)e5
Cisco IOS=15.2\(3\)ea
Cisco IOS=15.2\(4\)e9
Cisco IOS=15.2\(4\)e10
Cisco IOS=15.2\(4\)ea
Cisco IOS=15.2\(4\)ea1
Cisco IOS=15.2\(4\)ea2
Cisco IOS=15.2\(4\)ea3
Cisco IOS=15.2\(4\)ea4
Cisco IOS=15.2\(4\)ea5
Cisco IOS=15.2\(4\)ea6
Cisco IOS=15.2\(4\)ea7
Cisco IOS=15.2\(4\)ea8
Cisco IOS=15.2\(4\)ea9
Cisco IOS=15.2\(4\)ec1
Cisco IOS=15.2\(4\)ec2
Cisco IOS=15.2\(4\)jaz
Cisco IOS=15.2\(4\)jaz1
Cisco IOS=15.2\(5\)e
Cisco IOS=15.2\(5\)e1
Cisco IOS=15.2\(5\)e2
Cisco IOS=15.2\(5\)e2b
Cisco IOS=15.2\(5\)e2c
Cisco IOS=15.2\(5\)ea
Cisco IOS=15.2\(5a\)e1
Cisco IOS=15.2\(6\)e
Cisco IOS=15.2\(6\)e0a
Cisco IOS=15.2\(6\)e0c
Cisco IOS=15.2\(6\)e1
Cisco IOS=15.2\(6\)e1a
Cisco IOS=15.2\(6\)e1s
Cisco IOS=15.2\(6\)e2a
Cisco IOS=15.2\(6\)e3
Cisco IOS=15.2\(6\)eb
Cisco IOS=15.2\(7\)e
Cisco IOS=15.2\(7\)e0b
Cisco IOS=15.2\(7\)e0s
Cisco IOS=15.2\(7a\)e0b
Cisco IOS=15.2\(7b\)e0b
Cisco IOS=15.3\(3\)ja1
Cisco IOS=15.3\(3\)ja1n
Cisco IOS=15.3\(3\)ja4
Cisco IOS=15.3\(3\)ja5
Cisco IOS=15.3\(3\)ja6
Cisco IOS=15.3\(3\)ja7
Cisco IOS=15.3\(3\)ja8
Cisco IOS=15.3\(3\)ja10
Cisco IOS=15.3\(3\)ja11
Cisco IOS=15.3\(3\)ja12
Cisco IOS=15.3\(3\)jaa
Cisco IOS=15.3\(3\)jaa1
Cisco IOS=15.3\(3\)jax
Cisco IOS=15.3\(3\)jax1
Cisco IOS=15.3\(3\)jax2
Cisco IOS=15.3\(3\)jb
Cisco IOS=15.3\(3\)jbb
Cisco IOS=15.3\(3\)jbb1
Cisco IOS=15.3\(3\)jbb2
Cisco IOS=15.3\(3\)jbb4
Cisco IOS=15.3\(3\)jbb5
Cisco IOS=15.3\(3\)jbb6
Cisco IOS=15.3\(3\)jbb6a
Cisco IOS=15.3\(3\)jbb8
Cisco IOS=15.3\(3\)jc
Cisco IOS=15.3\(3\)jc1
Cisco IOS=15.3\(3\)jc2
Cisco IOS=15.3\(3\)jc3
Cisco IOS=15.3\(3\)jc4
Cisco IOS=15.3\(3\)jc5
Cisco IOS=15.3\(3\)jc6
Cisco IOS=15.3\(3\)jc8
Cisco IOS=15.3\(3\)jc9
Cisco IOS=15.3\(3\)jc14
Cisco IOS=15.3\(3\)jd
Cisco IOS=15.3\(3\)jd2
Cisco IOS=15.3\(3\)jd3
Cisco IOS=15.3\(3\)jd4
Cisco IOS=15.3\(3\)jd5
Cisco IOS=15.3\(3\)jd6
Cisco IOS=15.3\(3\)jd7
Cisco IOS=15.3\(3\)jd8
Cisco IOS=15.3\(3\)jd9
Cisco IOS=15.3\(3\)jd11
Cisco IOS=15.3\(3\)jd12
Cisco IOS=15.3\(3\)jd13
Cisco IOS=15.3\(3\)jd14
Cisco IOS=15.3\(3\)jd16
Cisco IOS=15.3\(3\)jd17
Cisco IOS=15.3\(3\)je
Cisco IOS=15.3\(3\)jf
Cisco IOS=15.3\(3\)jf1
Cisco IOS=15.3\(3\)jf2
Cisco IOS=15.3\(3\)jf4
Cisco IOS=15.3\(3\)jf5
Cisco IOS=15.3\(3\)jf6
Cisco IOS=15.3\(3\)jf7
Cisco IOS=15.3\(3\)jf8
Cisco IOS=15.3\(3\)jf9
Cisco IOS=15.3\(3\)jf10
Cisco IOS=15.3\(3\)jf13
Cisco IOS=15.3\(3\)jf99
Cisco IOS=15.3\(3\)jg
Cisco IOS=15.3\(3\)jg1
Cisco IOS=15.3\(3\)jh
Cisco IOS=15.3\(3\)jh1
Cisco IOS=15.3\(3\)ji1
Cisco IOS=15.3\(3\)ji3
Cisco IOS=15.3\(3\)ji4
Cisco IOS=15.3\(3\)ji5
Cisco IOS=15.3\(3\)jj
Cisco IOS=15.3\(3\)jj1
Cisco IOS=15.3\(3\)jk
Cisco IOS=15.3\(3\)jk1a
Cisco IOS=15.3\(3\)jk1t
Cisco IOS=15.3\(3\)jk2a
Cisco IOS=15.3\(3\)jk3
Cisco IOS=15.3\(3\)jk99
Cisco IOS=15.3\(3\)jn
Cisco IOS=15.3\(3\)jn1
Cisco IOS=15.3\(3\)jn2
Cisco IOS=15.3\(3\)jn3
Cisco IOS=15.3\(3\)jn4
Cisco IOS=15.3\(3\)jn6
Cisco IOS=15.3\(3\)jn7
Cisco IOS=15.3\(3\)jn8
Cisco IOS=15.3\(3\)jn9
Cisco IOS=15.3\(3\)jn11
Cisco IOS=15.3\(3\)jn13
Cisco IOS=15.3\(3\)jn14
Cisco IOS=15.3\(3\)jn15
Cisco IOS=15.3\(3\)jnb
Cisco IOS=15.3\(3\)jnb1
Cisco IOS=15.3\(3\)jnb2
Cisco IOS=15.3\(3\)jnb3
Cisco IOS=15.3\(3\)jnb4
Cisco IOS=15.3\(3\)jnb5
Cisco IOS=15.3\(3\)jnb6
Cisco IOS=15.3\(3\)jnc
Cisco IOS=15.3\(3\)jnc1
Cisco IOS=15.3\(3\)jnc2
Cisco IOS=15.3\(3\)jnc3
Cisco IOS=15.3\(3\)jnc4
Cisco IOS=15.3\(3\)jnd
Cisco IOS=15.3\(3\)jnd1
Cisco IOS=15.3\(3\)jnd2
Cisco IOS=15.3\(3\)jnd3
Cisco IOS=15.3\(3\)jnp
Cisco IOS=15.3\(3\)jnp1
Cisco IOS=15.3\(3\)jnp3
Cisco IOS=15.3\(3\)jpb
Cisco IOS=15.3\(3\)jpb1
Cisco IOS=15.3\(3\)jpc
Cisco IOS=15.3\(3\)jpc1
Cisco IOS=15.3\(3\)jpc2
Cisco IOS=15.3\(3\)jpc3
Cisco IOS=15.3\(3\)jpc5
Cisco IOS=15.3\(3\)jpc99
Cisco IOS=15.3\(3\)jpd
Cisco IOS=15.3\(3\)jpi
Cisco IOS=15.3\(3\)jpi3
Cisco IOS=15.3\(3\)jpj
Cisco IOS XE=3.3.0xo
Cisco IOS XE=3.3.1xo
Cisco IOS XE=3.3.2xo
Cisco IOS XE=3.6.5be
Cisco IOS XE=3.8.9e
Cisco IOS XE=3.8.10e
Cisco IOS XE=3.10.3e
Cisco IOS XE=16.3.9
Cisco IOS XE=16.3.10
Cisco IOS XE=16.6.7
Cisco IOS XE=16.6.7a
Cisco IOS XE=16.6.8
Cisco IOS XE=16.9.1
Cisco IOS XE=16.9.1d
Cisco IOS XE=16.9.4
Cisco IOS XE=16.9.4c
Cisco IOS XE=16.9.5
Cisco IOS XE=16.9.5f
Cisco IOS XE=16.10.1
Cisco IOS XE=16.10.1e
Cisco IOS XE=16.10.1g
Cisco IOS XE=16.10.2
Cisco IOS XE=16.10.3
Cisco IOS XE=16.11.1
Cisco IOS XE=16.11.1a
Cisco IOS XE=16.11.1b
Cisco IOS XE=16.11.1c
Cisco IOS XE=16.11.1s
Cisco IOS XE=16.12.1
Cisco IOS XE=16.12.1a
Cisco IOS XE=16.12.1c
Cisco IOS XE=16.12.1s
Cisco IOS XE=16.12.1t
Cisco IOS XE=16.12.1w

Remedy

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cipdos-hkfTZXEx

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2020-3225?

    CVE-2020-3225 is classified as a high severity vulnerability due to its potential to allow an unauthenticated, remote attacker to cause a denial of service condition.

  • How do I fix CVE-2020-3225?

    To mitigate CVE-2020-3225, it is recommended to update the affected Cisco IOS or IOS XE software to a version that includes the security fix.

  • Which Cisco IOS versions are affected by CVE-2020-3225?

    CVE-2020-3225 affects multiple versions of Cisco IOS, specifically versions from 12.2(44)ex to various 15.x releases.

  • What are the potential impacts of CVE-2020-3225?

    The primary impact of CVE-2020-3225 is that it enables an attacker to remotely reload the affected device, resulting in service interruptions.

  • Are there any workarounds for CVE-2020-3225?

    While the best defense against CVE-2020-3225 is to apply updates, network segmentation and access control lists can serve as temporary mitigations.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203