Lucene search
K

49 matches found

NVD
NVD
added 2020/09/24 6:15 p.m.29 views

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.9CVSS0.00285EPSS
Exploits0References1
NVD
NVD
added 2020/09/24 6:15 p.m.25 views

CVE-2020-3513

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 RSP3 installed could allow an authenticated, local attacker with high privileges to execute...

6.9CVSS0.00322EPSS
Exploits0References1
OSV
OSV
added 2020/09/24 6:15 p.m.3 views

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.8CVSS6.7AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2020/09/24 6:15 p.m.5 views

CVE-2020-3513

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 RSP3 installed could allow an authenticated, local attacker with high privileges to execute...

6.7CVSS7.2AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2020/09/24 6:15 p.m.23 views

CVE-2020-3417

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

7.2CVSS0.00357EPSS
Exploits0References1
Prion
Prion
added 2020/09/24 6:15 p.m.22 views

Design/Logic Flaw

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.9CVSS6.5AI score0.00285EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/09/24 6:15 p.m.22 views

Design/Logic Flaw

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

7.2CVSS6.5AI score0.00357EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/09/24 6:1 p.m.56 views

CVE-2020-3416

Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 (RSP3) consoles a set of boot-time vulnerabilities in the initialization routines. The issues stem from incorrect validations in boot scripts when specific ROMMON variables are defined, enabling an authenticated, local attack...

6.9CVSS6.7AI score0.00322EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/09/24 6:1 p.m.12 views

CVE-2020-3417 Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

6.8CVSS6.8AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2020/09/24 6:1 p.m.152 views

CVE-2020-3417

CVE-2020-3417 affects Cisco IOS XE Software. It enables an authenticated, local attacker to execute persistent code at boot time and break the chain of trust due to incorrect ROMMON-variable handling during boot script validation. Exploitation requires root shell access or physical access to the ...

7.2CVSS6.4AI score0.00357EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/24 6:1 p.m.28 views

CVE-2020-3417 Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

6.8CVSS6.5AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2020/09/24 5:51 p.m.58 views

CVE-2020-3524

Cisco IOS XE ROMMON vulnerability (CVE-2020-3524) affects the ROMMON software on Cisco 4000 Series routers, ASR 920/1000 Series, and cBR-8. The root cause is a debugging configuration option in the ROMMON image. An unauthenticated, physical attacker can connect to the device console, boot into RO...

6.9CVSS6.3AI score0.00285EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/09/24 5:51 p.m.9 views

CVE-2020-3524 Cisco IOS XE ROM Monitor Software Vulnerability

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.4CVSS6.7AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/24 5:51 p.m.26 views

CVE-2020-3524 Cisco IOS XE ROM Monitor Software Vulnerability

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.4CVSS6.5AI score0.00285EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.92 views

Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 RSP3 installed could allow an authenticated, local attacker with high privileges to execute...

6.7CVSS6.8AI score
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.30 views

Cisco IOS XE ROM Monitor Software Vulnerability

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.4CVSS6.3AI score0.00285EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.194 views

Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

6.7CVSS6.5AI score0.00357EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/04 12:0 a.m.3 views

Cisco IOS XE Software Privilege License and Access Control Issues Vulnerability

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A privilege permission and access control issue vulnerability exists in ROMMON in Cisco IOS XE Software. An attacker can exploit this vulnerability by sending parameters to elevate...

7.2CVSS7.4AI score0.00407EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/12/27 12:0 a.m.6 views

The vulnerability of the Cisco IOS operating system’s ROM Monitor, related to the presence of a hidden command that allows attackers to bypass signature checks and load malicious software images.

The vulnerability of the Cisco IOS ROM Monitor is related to the presence of a hidden command. Exploiting this vulnerability allows an attacker to bypass signature checks and load malicious software...

6.4CVSS6.7AI score0.00361EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/10/05 2:0 p.m.23 views

CVE-2018-15370 Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS ROM Monitor ROMMON Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to the presence of a...

6.7AI score0.00361EPSS
Exploits0References2
Rows per page
Query Builder