cisco-sa-ios-iot-rce-xYRSeMNH: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
First published: Wed Jun 03 2020(Updated: )
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH This advisory is part of the June 3, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 23 Cisco Security Advisories that describe 25 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
Credit: X.B. the Cisco Advanced Security Initiatives GroupE.I. Cisco PSIRT
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Puppet Cisco IOS | ||
| Cisco 809 Industrial Integrated Services Router Firmware | ||
| Cisco 829 Industrial Integrated Services Router Firmware | ||
| Cisco 1000 Series Connected Grid Routers |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-ios-iot-rce-xYRSeMNH?
The severity of cisco-sa-ios-iot-rce-xYRSeMNH is high, as it allows remote code execution by attackers.
How do I fix cisco-sa-ios-iot-rce-xYRSeMNH?
To fix cisco-sa-ios-iot-rce-xYRSeMNH, apply the recommended software updates provided by Cisco for affected products.
Who is affected by cisco-sa-ios-iot-rce-xYRSeMNH?
Cisco 809 and 829 Industrial Integrated Services Routers and Cisco 1000 Series Connected Grid Routers are affected by cisco-sa-ios-iot-rce-xYRSeMNH.
What types of attackers can exploit cisco-sa-ios-iot-rce-xYRSeMNH?
Both unauthenticated remote attackers and authenticated local attackers can exploit cisco-sa-ios-iot-rce-xYRSeMNH.
What products are included in the cisco-sa-ios-iot-rce-xYRSeMNH vulnerability advisory?
The cisco-sa-ios-iot-rce-xYRSeMNH advisory includes Cisco IOS Software, Cisco 809 Industrial Integrated Services Router, Cisco 829 Industrial Integrated Services Router, and Cisco 1000 Series Connected Grid Router.
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/puppet cisco ios
- canonical/cisco 809 industrial integrated services router firmware
- canonical/cisco 829 industrial integrated services router firmware
- canonical/cisco 1000 series connected grid routers