7.2

CVE-2020-3208

A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification. A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15.

Data provided by the National Vulnerability Database (NVD)
Cisco IOS versions (each listed with the hardware platforms Cisco 1120 [version: -], Cisco 1240, Cisco 809 and Cisco 829):
   12.2(60)ez16
   15.0(2)sg11a
   15.3(3)jaa1
   15.3(3)jpj
   15.5(3)m0a
   15.5(3)m1
   15.5(3)m2
   15.5(3)m2a
   15.5(3)m3
   15.5(3)m4
   15.5(3)m4a
   15.5(3)m5
   15.5(3)m6
   15.5(3)m6a
   15.5(3)m7
   15.5(3)m8
   15.5(3)m9
   15.5(3)m10
   15.5(3)m11
   15.6(1)t
   15.6(1)t0a
   15.6(1)t1
   15.6(1)t2
   15.6(1)t3
   15.6(3)m
   15.6(3)m0a
   15.6(3)m1
   15.6(3)m1b
   15.6(3)m2
   15.6(3)m3
   15.6(3)m3a
   15.6(3)m4
   15.6(3)m5
   15.6(3)m6
   15.6(3)m6a
   15.6(3)m6b
   15.6(3)m7
   15.6(3)m8
   15.6(3)m9
   15.7(3)m
   15.7(3)m1
   15.7(3)m2
   15.7(3)m3
   15.7(3)m4
   15.7(3)m4a
   15.7(3)m4b
   15.7(3)m5
   15.7(3)m6
   15.7(3)m7
   15.8(3)m
   15.8(3)m0a
   15.8(3)m1
   15.8(3)m2
   15.8(3)m2a
   15.8(3)m3
   15.8(3)m4
   15.8(3)m5
No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics

| Type | Source | Score | Percentile |
|------|--------|-------|------------|
| EPSS | FIRST.org | 0.06% | 0.14 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|--------|------------|---------------|--------------|---------------|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd@nist.gov | 7.2 | 3.9 | 10 | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| psirt@cisco.com | 6.7 | 0.8 | 5.9 | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |