3 matches found
CVE-2022-20864
CVE-2022-20864 affects Cisco IOS XE ROM Monitor (ROMMON) software on Catalyst Switches. Root cause: a permissions issue in the ROMMON password-recovery disable feature (file and boot variable permissions) that could let an unauthenticated, local attacker reboot to ROMMON and issue commands to rea...
CVE-2021-1452
CVE-2021-1452 affects Cisco IOS XE ROMMON on Cisco Catalyst IE3200, IE3300, IE3400 Rugged Series Switches, IE3400 Heavy Duty, and Embedded Services 3300 Series. The flaw stems from incorrect validation of function arguments passed to a boot script when specific ROMMON variables are set, allowing ...
CVE-2020-3524
Cisco IOS XE ROMMON vulnerability (CVE-2020-3524) affects the ROMMON software on Cisco 4000 Series routers, ASR 920/1000 Series, and cBR-8. The root cause is a debugging configuration option in the ROMMON image. An unauthenticated, physical attacker can connect to the device console, boot into RO...