20 matches found
EUVD-2020-24470
Malware in sbrugna...
EUVD-2020-24528
Malware in sbrugna...
CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability
A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...
CVE-2020-3258
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3258
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3234
A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...
CVE-2020-3198
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
Information disclosure
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3258
Cisco IOS Software CVE-2020-3258 affects Cisco 809/829 Industrial ISRs and CGR1000; a vulnerability in a diagnostic test CLI command can modify run-time memory, enabling an unauthenticated remote attacker or an authenticated local attacker to execute arbitrary code or cause a crash/reload. Exploi...
CVE-2020-3234
The CVE-2020-3234 issue affects Cisco IOS Software for Cisco 809/829 Industrial ISRs and CGR1000 devices, where the Virtual Device Server (VDS) authentication uses hard-coded/default credentials. A local, authenticated, low-privilege attacker can log in to VDS via the device’s virtual console and...
CVE-2020-3210
CVE-2020-3210 affects Cisco IOS Software on Cisco 809/829 Industrial ISRs and CGR1000, where the CLI parsers for VDS-related commands fail to validate input. An authenticated local attacker with privilege level 15 can inject malicious input into VDS CLI arguments, gaining arbitrary commands execu...
CVE-2020-3208
Cisco IOS Software for Cisco 809 and 829 Industrial ISRs is affected by an image verification bypass. The issue stems from insufficient access restrictions around the image verification code, allowing an authenticated attacker with valid credentials at privilege level 15 to log into the VDS and d...
CVE-2020-3205
CVE-2020-3205 — Cisco IOS inter-VM channel injection involves Cisco IOS Software on Cisco 809/829 Industrial ISRs and CGR1000, where insufficient validation of signaling packets to the Virtual Device Server (VDS) allows an unauthenticated, adjacent attacker to execute arbitrary shell commands wit...
Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability
A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient acce...
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability
A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...
Design/Logic Flaw
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...
CVE-2018-15376
CVE-2018-15376 affects Cisco IOS Software on Cisco 800 Series Industrial Integrated Services Routers. The flaw resides in the embedded test subsystem and allows an authenticated, local attacker to write arbitrary values to arbitrary memory locations by using certain test commands intended for int...
CVE-2018-15376 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...
CVE-2018-15375
CVE-2018-15375 affects Cisco IOS Software on Cisco 800 Series Industrial Integrated Services Routers. The vulnerability lies in the embedded test subsystem: presence of test commands intended for internal development builds allows an authenticated, local attacker to write arbitrary values to arbi...
CVE-2017-3853
A vulnerability in the Data-in-Motion DMo process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The...