Rapid7 Vulnerability & Exploit Database

Cisco IOS: CVE-2020-3258: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Cisco IOS: CVE-2020-3258: Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
06/03/2020
Created
08/08/2020
Added
08/07/2020
Modified
04/28/2021

Description

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.

Solution(s)

  • cisco-ios-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;