CVE-2020-3213

high-risk
Published 2020-06-03

A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.7/10 Medium
LOCAL / LOW complexity

Affected Products (20)

Affected Vendors

Cisco

References (2)

Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-p...
Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-p...
54
/ 100
high-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 33/34 · Critical