The vulnerability of the TCL-script interpreter used by Cisco IOS and Cisco IOS XE operating systems allows a hacker to execute arbitrary code with root privileges.

🗓️ 30 Jun 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

TCL script interpreter flaw in Cisco IOS and IOS XE enables root code execution via invalid input.

Reporter	Title	Published	Views	Family All 11
Cisco	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	3 Jun 202016:00	–	cisco
Tenable Nessus	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution (cisco-sa-tcl-ace-C9KuVKmm)	18 Jun 202000:00	–	nessus
Tenable Nessus	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution (cisco-sa-tcl-ace-C9KuVKmm)	18 Jun 202000:00	–	nessus
CNVD	Cisco IOS and IOS XE Input Validation Error Vulnerability (CNVD-2020-31828)	4 Jun 202000:00	–	cnvd
CVE	CVE-2020-3204	3 Jun 202017:40	–	cve
Cvelist	CVE-2020-3204 Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	3 Jun 202017:40	–	cvelist
EUVD	EUVD-2020-24475	7 Oct 202500:30	–	euvd
NVD	CVE-2020-3204	3 Jun 202018:15	–	nvd
OSV	CVE-2020-3204	3 Jun 202018:15	–	osv
Prion	Input validation	3 Jun 202018:15	–	prion

Vulners

Node

cisco_systems cisco_iosMatch15.3s

cisco_systems cisco_ios_xeMatch16.1

cisco_systems cisco_ios_xeMatch16.2

cisco_systems cisco_ios_xeMatch3.9s

cisco_systems cisco_ios_xeMatch3.2se

cisco_systems cisco_ios_xeMatch3.3xo

cisco_systems cisco_ios_xeMatch16.3

cisco_systems cisco_ios_xeMatch3.7e

cisco_systems cisco_ios_xeMatch3.8e

cisco_systems cisco_ios_xeMatch3.9e

cisco_systems cisco_ios_xeMatch3.10s

cisco_systems cisco_ios_xeMatch3.15s

cisco_systems cisco_ios_xeMatch3.16s

cisco_systems cisco_ios_xeMatch3.17s

cisco_systems cisco_ios_xeMatch3.2sg

cisco_systems cisco_ios_xeMatch16.4

cisco_systems cisco_ios_xeMatch16.5

cisco_systems cisco_ios_xeMatch16.6

cisco_systems cisco_ios_xeMatch16.7

cisco_systems cisco_ios_xeMatch16.8

cisco_systems cisco_ios_xeMatch16.9

cisco_systems cisco_ios_xeMatch16.10

cisco_systems cisco_ios_xeMatch16.11

cisco_systems cisco_ios_xeMatch3.7s

cisco_systems cisco_ios_xeMatch3.3sg

cisco_systems cisco_ios_xeMatch3.8s

cisco_systems cisco_ios_xeMatch3.4sg

cisco_systems cisco_ios_xeMatch3.5e

cisco_systems cisco_ios_xeMatch3.11s

cisco_systems cisco_ios_xeMatch3.12s

cisco_systems cisco_ios_xeMatch3.13s

cisco_systems cisco_ios_xeMatch3.6e

cisco_systems cisco_ios_xeMatch3.14s

cisco_systems cisco_ios_xeMatch3.3sq

cisco_systems cisco_ios_xeMatch3.4sq

cisco_systems cisco_ios_xeMatch3.5sq

cisco_systems cisco_ios_xeMatch3.18s

cisco_systems cisco_ios_xeMatch3.18sp

cisco_systems cisco_ios_xeMatch3.10e

cisco_systems cisco_iosMatch12.2zi

cisco_systems cisco_iosMatch12.2ez

cisco_systems cisco_iosMatch12.4md

cisco_systems cisco_iosMatch12.2sxi

cisco_systems cisco_iosMatch12.2sre

cisco_systems cisco_iosMatch15.0s

cisco_systems cisco_iosMatch15.2s

cisco_systems cisco_iosMatch15.0ey

cisco_systems cisco_iosMatch15.1s

cisco_systems cisco_iosMatch15.0sy

cisco_systems cisco_iosMatch12.2sxj

cisco_systems cisco_iosMatch15.0sg

cisco_systems cisco_iosMatch15.0ex

cisco_systems cisco_iosMatch15.1sy

cisco_systems cisco_iosMatch15.4s

cisco_systems cisco_iosMatch15.2sc

cisco_systems cisco_iosMatch15.2sy

cisco_systems cisco_iosMatch15.2jaz

cisco_systems cisco_iosMatch15.5s

cisco_systems cisco_iosMatch15.3jaa

cisco_systems cisco_iosMatch15.3sy

cisco_systems cisco_iosMatch15.6sp

cisco_systems cisco_iosMatch15.4sy

cisco_systems cisco_iosMatch15.7m

cisco_systems cisco_iosMatch15.8m

cisco_systems cisco_iosMatch15.0xa

cisco_systems cisco_iosMatch15.1t

cisco_systems cisco_iosMatch15.1xb

cisco_systems cisco_iosMatch15.3t

cisco_systems cisco_iosMatch15.1m

cisco_systems cisco_iosMatch15.1gc

cisco_systems cisco_iosMatch15.0mr

cisco_systems cisco_iosMatch15.2m

cisco_systems cisco_iosMatch15.2gc

cisco_systems cisco_iosMatch15.4t

cisco_systems cisco_iosMatch15.1mra

cisco_systems cisco_iosMatch15.3m

cisco_systems cisco_iosMatch15.4m

cisco_systems cisco_iosMatch15.3xb

cisco_systems cisco_iosMatch15.4cg

cisco_systems cisco_iosMatch15.5t

cisco_systems cisco_iosMatch15.4sn

cisco_systems cisco_iosMatch15.5m

cisco_systems cisco_iosMatch15.6s

cisco_systems cisco_iosMatch15.6t

cisco_systems cisco_iosMatch15.5xb

cisco_systems cisco_iosMatch15.6sn

cisco_systems cisco_iosMatch15.6m

cisco_systems cisco_iosMatch15.1sg

cisco_systems cisco_iosMatch15.2e

cisco_systems cisco_ios_xeMatch16.12

cisco_systems cisco_iosMatch12.2se

cisco_systems cisco_iosMatch12.2ex

cisco_systems cisco_iosMatch12.2ey

cisco_systems cisco_iosMatch12.4mr

cisco_systems cisco_iosMatch12.4t

cisco_systems cisco_iosMatch12.2sg

cisco_systems cisco_iosMatch12.4xz

cisco_systems cisco_iosMatch12.4xr

cisco_systems cisco_iosMatch12.2xo

cisco_systems cisco_iosMatch12.2sq

cisco_systems cisco_iosMatch12.4mda

cisco_systems cisco_iosMatch12.4yg

cisco_systems cisco_iosMatch15.0m

cisco_systems cisco_iosMatch15.0xo

cisco_systems cisco_iosMatch12.4mrb

cisco_systems cisco_iosMatch12.2wo

cisco_systems cisco_iosMatch15.0se

cisco_systems cisco_iosMatch12.4mdb

cisco_systems cisco_iosMatch15.0ez

cisco_systems cisco_iosMatch12.4ys

cisco_systems cisco_iosMatch15.2ey

cisco_systems cisco_iosMatch15.0ej

cisco_systems cisco_iosMatch15.2ex

cisco_systems cisco_iosMatch15.0ek

cisco_systems cisco_iosMatch15.2eb

cisco_systems cisco_iosMatch15.2ea

cisco_systems cisco_iosMatch15.0sqd

cisco_systems cisco_iosMatch15.2ec

cisco_systems cisco_iosMatch12.2i

cisco_systems cisco_iosMatch15.9m

cisco_systems cisco_iosMatch15.3jpi

cisco_systems cisco_iosMatch15.1svs

cisco_systems cisco_ios_xeMatch3.11e

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-ace-C9KuVKmm
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-3204
web	www.web.nvd.nist.gov/view/vuln/detail

30 Jun 2020 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 36.7

CVSS 26.8

EPSS0.00063