SB2020060821 - Multiple vulnerabilities in Cisco IOS XE Software

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020060821

SB2020060821 - Multiple vulnerabilities in Cisco IOS XE Software

Published: June 8, 2020

Security Bulletin ID SB2020060821
Severity
Low
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-3213)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. A local Priv15 user can send specially crafted parameters and execute arbitrary commands with the privileges of the root user.

This vulnerability affects the following products if they are running affected release of Cisco IOS XE Software: 

  • Cisco ASR 1000 Series Aggregation Services Routers
  • Cisco Cloud Services Router 1000V Series
  • Cisco Catalyst 3850 Series Switches
  • Cisco Catalyst 3650 Series Switches
  • Cisco 4000 Series Integrated Services Routers
  • Cisco 1000 Series Integrated Services Routers
  • Cisco Catalyst 9300 Series Switches
  • Cisco Catalyst 9500 Series Switches
  • Cisco Catalyst 9400 Series Switches
  • Cisco 1100 Series Industrial Integrated Services Routers
  • Cisco Catalyst 9200 Series Switches
  • Cisco Catalyst 9600 Series Switches
  • Cisco Catalyst 9800 Series Wireless Controllers


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-3214)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied content. A local user can load malicious software onto an affected device and gain elevated privileges.

This vulnerability affects the following products if they are running affected release of Cisco IOS XE Software: 

  • Cisco ASR 1000 Series Aggregation Services Routers
  • Cisco Cloud Services Router 1000V Series
  • Cisco Catalyst 3850 Series Switches
  • Cisco Catalyst 3650 Series Switches
  • Cisco 4000 Series Integrated Services Routers
  • Cisco 1000 Series Integrated Services Routers
  • Cisco Catalyst 9300 Series Switches
  • Cisco Catalyst 9500 Series Switches
  • Cisco Catalyst 9400 Series Switches
  • Cisco 1100 Series Industrial Integrated Services Routers
  • Cisco Catalyst 9200 Series Switches
  • Cisco Catalyst 9600 Series Switches
  • Cisco Catalyst 9800 Series Wireless Controllers



3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-3215)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of a user-supplied open virtual appliance (OVA). A local user can instal a malicious OVA on an affected device and gain elevated privileges on the target system. 

This vulnerability affects the following products if they are running affected release of Cisco IOS XE Software: 

  • Cisco ASR 1000 Series Aggregation Services Routers
  • Cisco Cloud Services Router 1000V Series
  • Cisco Catalyst 3850 Series Switches
  • Cisco Catalyst 3650 Series Switches
  • Cisco 4000 Series Integrated Services Routers
  • Cisco 1000 Series Integrated Services Routers
  • Cisco Catalyst 9300 Series Switches
  • Cisco Catalyst 9500 Series Switches
  • Cisco Catalyst 9400 Series Switches
  • Cisco 1100 Series Industrial Integrated Services Routers
  • Cisco Catalyst 9200 Series Switches
  • Cisco Catalyst 9600 Series Switches
  • Cisco Catalyst 9800 Series Wireless Controllers

Remediation

Install update from vendor's website.

References