CVE-2020-3118

🗓️ 05 Feb 2020 17:40:16Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 950 Views

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device

Reporter	Title	Published	Views	Family All 26
Tenable Nessus	Cisco IOS XR Software Cisco Discovery Protocol RCE (cisco-sa-20200205-iosxr-cdp-rce)	18 Feb 202000:00	–	nessus
Tenable Nessus	Cisco IOS XR Software Cisco Discovery Protocol Remote Code Execution Vulnerability (cisco-sa-20200205-iosxr-cdp-rce)	10 Feb 202000:00	–	nessus
ICS	Potential for China Cyber Response to Heightened U.S.–China Tensions	20 Oct 202012:00	–	ics
ATTACKERKB	CVE-2020-3118 (AKA: CDPwn)	5 Feb 202000:00	–	attackerkb
Circl	CVE-2020-3118	7 Feb 202011:05	–	circl
CISA KEV Catalog	Cisco IOS XR Software Discovery Protocol Format String Vulnerability	3 Nov 202100:00	–	cisa_kev
Cisco	Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability	5 Feb 202016:00	–	cisco
CNVD	Cisco Discovery Protocol Format String Vulnerability in Cisco IOS XR Software	6 Feb 202000:00	–	cnvd
Cvelist	CVE-2020-3118 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability	5 Feb 202017:40	–	cvelist
EUVD	EUVD-2020-24389	7 Oct 202500:30	–	euvd

NVD

Vulners

Node

cisco ios_xrRange6.6.0–6.6.12

cisco ios_xrRange7.0.0–7.0.2

Node

cisco ios_xrMatch6.5.3

AND

cisco asr_9000vMatch-

cisco asr_9001Match-

cisco asr_9006Match-

cisco asr_9010Match-

cisco asr_9901Match-

cisco asr_9904Match-

cisco asr_9906Match-

cisco asr_9910Match-

cisco asr_9912Match-

cisco asr_9922Match-

cisco ncs_540-12z20g-sys-aMatch-

cisco ncs_540-12z20g-sys-dMatch-

cisco ncs_540-24z8q2c-sysMatch-

cisco ncs_540-28z4c-sys-aMatch-

cisco ncs_540-28z4c-sys-dMatch-

cisco ncs_540-acc-sysMatch-

cisco ncs_540x-12z16g-sys-aMatch-

cisco ncs_540x-12z16g-sys-dMatch-

cisco ncs_540x-16z4g8q2c-aMatch-

cisco ncs_540x-16z4g8q2c-dMatch-

cisco ncs_540x-acc-sysMatch-

cisco ncs_5501Match-

cisco ncs_5501-seMatch-

cisco ncs_5502Match-

cisco ncs_5502-seMatch-

cisco ncs_5508Match-

cisco ncs_5516Match-

cisco xrv_9000Match-

Node

cisco ios_xrMatch5.2.5

AND

cisco ncs_6000Match-

cisco ncs_6008Match-

Node

cisco ios_xrMatch6.4.2

AND

cisco asr_9000Match-

cisco asr_9000vMatch-

cisco asr_9001Match-

cisco asr_9006Match-

cisco asr_9010Match-

cisco asr_9901Match-

cisco asr_9903Match-

cisco asr_9904Match-

cisco asr_9906Match-

cisco asr_9910Match-

cisco asr_9912Match-

cisco asr_9920Match-

cisco asr_9922Match-

cisco crs-xMatch-

Node

cisco ios_xrMatch6.6.25

AND

cisco ncs_560Match-

Node

cisco ios_xrMatch7.0.1

AND

cisco ncs_540lMatch-

[
  {
    "product": "Cisco IOS XR Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "6.6.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce
packetstormsecurity	www.packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

28 Oct 2025 13:57Current

8.8High risk

Vulners AI Score8.8

CVSS 28.3

CVSS 3.18.8

CVSS 38.8

EPSS0.00203

SSVC

cisco discovery protocol vulnerability cve-2020-3118 cisco ios xr software security network security code execution reload layer 2 protocol