Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-12223
HistorySep 07, 2017 - 9:00 p.m.

CVE-2017-12223

2017-09-0721:00:00
CWE-20
cisco
www.cve.org

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON

A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization of user input. An attacker who can access an affected router via the console could exploit this vulnerability by entering ROMMON mode and modifying ROMMON variables. A successful exploit could allow the attacker to execute arbitrary code and install a malicious version of Hypervisor firmware on an affected device. Cisco Bug IDs: CSCvb44027.

CNA Affected

[
  {
    "product": "Cisco IR800 Integrated Services Router",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IR800 Integrated Services Router"
      }
    ]
  }
]

Related

nvd 1
prion 1
cve 1
cisco 1
nvd
nvd
CVE-2017-12223
2017-09-07 21:29:00
prion
prion
Design/Logic Flaw
2017-09-07 21:29:00
cve
cve
CVE-2017-12223
2017-09-07 21:29:00
cisco
cisco
Cisco IR800 Integrated Services Router ROM Monitor Input Validation Vulnerability
2017-09-06 16:00:00

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON
Related for CVELIST:CVE-2017-12223
nvd1prion1cve1cisco1