CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3208

A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification. A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.4%

CVSS Severity

CVSS v3 Score 6.7

CVSS v2 Score 7.2

References

Products affected by CVE-2020-3208

Cisco » 1120 » Version: N/A

cpe:2.3:h:cisco:1120:-
Cisco » 1240 » Version: N/A

cpe:2.3:h:cisco:1240:-
Cisco » 809 » Version: N/A

cpe:2.3:h:cisco:809:-
Cisco » 829 » Version: N/A

cpe:2.3:h:cisco:829:-
Cisco » Ios » Version: 12.2(60)ez16

cpe:2.3:o:cisco:ios:12.2(60)ez16
Cisco » Ios » Version: 15.0(2)sg11a

cpe:2.3:o:cisco:ios:15.0(2)sg11a
Cisco » Ios » Version: 15.3(3)jaa1

cpe:2.3:o:cisco:ios:15.3(3)jaa1
Cisco » Ios » Version: 15.3(3)jpj

cpe:2.3:o:cisco:ios:15.3(3)jpj
Cisco » Ios » Version: 15.5(3)m0a

cpe:2.3:o:cisco:ios:15.5(3)m0a
Cisco » Ios » Version: 15.5(3)m1

cpe:2.3:o:cisco:ios:15.5(3)m1
Cisco » Ios » Version: 15.5(3)m10

cpe:2.3:o:cisco:ios:15.5(3)m10
Cisco » Ios » Version: 15.5(3)m11

cpe:2.3:o:cisco:ios:15.5(3)m11
Cisco » Ios » Version: 15.5(3)m2

cpe:2.3:o:cisco:ios:15.5(3)m2
Cisco » Ios » Version: 15.5(3)m2a

cpe:2.3:o:cisco:ios:15.5(3)m2a
Cisco » Ios » Version: 15.5(3)m3

cpe:2.3:o:cisco:ios:15.5(3)m3
Cisco » Ios » Version: 15.5(3)m4

cpe:2.3:o:cisco:ios:15.5(3)m4
Cisco » Ios » Version: 15.5(3)m4a

cpe:2.3:o:cisco:ios:15.5(3)m4a
Cisco » Ios » Version: 15.5(3)m5

cpe:2.3:o:cisco:ios:15.5(3)m5
Cisco » Ios » Version: 15.5(3)m6

cpe:2.3:o:cisco:ios:15.5(3)m6
Cisco » Ios » Version: 15.5(3)m6a

cpe:2.3:o:cisco:ios:15.5(3)m6a
Cisco » Ios » Version: 15.5(3)m7

cpe:2.3:o:cisco:ios:15.5(3)m7
Cisco » Ios » Version: 15.5(3)m8

cpe:2.3:o:cisco:ios:15.5(3)m8
Cisco » Ios » Version: 15.5(3)m9

cpe:2.3:o:cisco:ios:15.5(3)m9
Cisco » Ios » Version: 15.6(1)t

cpe:2.3:o:cisco:ios:15.6(1)t
Cisco » Ios » Version: 15.6(1)t0a

cpe:2.3:o:cisco:ios:15.6(1)t0a
Cisco » Ios » Version: 15.6(1)t1

cpe:2.3:o:cisco:ios:15.6(1)t1
Cisco » Ios » Version: 15.6(1)t2

cpe:2.3:o:cisco:ios:15.6(1)t2
Cisco » Ios » Version: 15.6(1)t3

cpe:2.3:o:cisco:ios:15.6(1)t3
Cisco » Ios » Version: 15.6(3)m

cpe:2.3:o:cisco:ios:15.6(3)m
Cisco » Ios » Version: 15.6(3)m0a

cpe:2.3:o:cisco:ios:15.6(3)m0a
Cisco » Ios » Version: 15.6(3)m1

cpe:2.3:o:cisco:ios:15.6(3)m1
Cisco » Ios » Version: 15.6(3)m1b

cpe:2.3:o:cisco:ios:15.6(3)m1b
Cisco » Ios » Version: 15.6(3)m2

cpe:2.3:o:cisco:ios:15.6(3)m2
Cisco » Ios » Version: 15.6(3)m3

cpe:2.3:o:cisco:ios:15.6(3)m3
Cisco » Ios » Version: 15.6(3)m3a

cpe:2.3:o:cisco:ios:15.6(3)m3a
Cisco » Ios » Version: 15.6(3)m4

cpe:2.3:o:cisco:ios:15.6(3)m4
Cisco » Ios » Version: 15.6(3)m5

cpe:2.3:o:cisco:ios:15.6(3)m5
Cisco » Ios » Version: 15.6(3)m6

cpe:2.3:o:cisco:ios:15.6(3)m6
Cisco » Ios » Version: 15.6(3)m6a

cpe:2.3:o:cisco:ios:15.6(3)m6a
Cisco » Ios » Version: 15.6(3)m6b

cpe:2.3:o:cisco:ios:15.6(3)m6b
Cisco » Ios » Version: 15.6(3)m7

cpe:2.3:o:cisco:ios:15.6(3)m7
Cisco » Ios » Version: 15.6(3)m8

cpe:2.3:o:cisco:ios:15.6(3)m8
Cisco » Ios » Version: 15.6(3)m9

cpe:2.3:o:cisco:ios:15.6(3)m9
Cisco » Ios » Version: 15.7(3)m

cpe:2.3:o:cisco:ios:15.7(3)m
Cisco » Ios » Version: 15.7(3)m1

cpe:2.3:o:cisco:ios:15.7(3)m1
Cisco » Ios » Version: 15.7(3)m2

cpe:2.3:o:cisco:ios:15.7(3)m2
Cisco » Ios » Version: 15.7(3)m3

cpe:2.3:o:cisco:ios:15.7(3)m3
Cisco » Ios » Version: 15.7(3)m4

cpe:2.3:o:cisco:ios:15.7(3)m4
Cisco » Ios » Version: 15.7(3)m4a

cpe:2.3:o:cisco:ios:15.7(3)m4a
Cisco » Ios » Version: 15.7(3)m4b

cpe:2.3:o:cisco:ios:15.7(3)m4b
Cisco » Ios » Version: 15.7(3)m5

cpe:2.3:o:cisco:ios:15.7(3)m5
Cisco » Ios » Version: 15.7(3)m6

cpe:2.3:o:cisco:ios:15.7(3)m6
Cisco » Ios » Version: 15.7(3)m7

cpe:2.3:o:cisco:ios:15.7(3)m7
Cisco » Ios » Version: 15.8(3)m

cpe:2.3:o:cisco:ios:15.8(3)m
Cisco » Ios » Version: 15.8(3)m0a

cpe:2.3:o:cisco:ios:15.8(3)m0a
Cisco » Ios » Version: 15.8(3)m1

cpe:2.3:o:cisco:ios:15.8(3)m1
Cisco » Ios » Version: 15.8(3)m2

cpe:2.3:o:cisco:ios:15.8(3)m2
Cisco » Ios » Version: 15.8(3)m2a

cpe:2.3:o:cisco:ios:15.8(3)m2a
Cisco » Ios » Version: 15.8(3)m3

cpe:2.3:o:cisco:ios:15.8(3)m3
Cisco » Ios » Version: 15.8(3)m4

cpe:2.3:o:cisco:ios:15.8(3)m4
Cisco » Ios » Version: 15.8(3)m5

cpe:2.3:o:cisco:ios:15.8(3)m5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3208

Products

Pricing

Contact Us