Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20320

A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of arguments that are included with the SSH client CLI command. An attacker with low-privileged access to an affected device could exploit this vulnerability by issuing a crafted SSH client command to the CLI. A successful exploit could allow the attacker to elevate privileges to root on the affected device.

Published

2024-03-13T17:15:48.193

Last Modified

2025-08-05T14:40:07.707

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-266
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco ios_xr 7.2.1 Yes
Operating System cisco ios_xr 7.2.2 Yes
Operating System cisco ios_xr 7.3.1 Yes
Operating System cisco ios_xr 7.3.2 Yes
Operating System cisco ios_xr 7.3.3 Yes
Operating System cisco ios_xr 7.3.5 Yes
Operating System cisco ios_xr 7.3.15 Yes
Operating System cisco ios_xr 7.4.1 Yes
Operating System cisco ios_xr 7.4.2 Yes
Operating System cisco ios_xr 7.5.1 Yes
Operating System cisco ios_xr 7.5.2 Yes
Operating System cisco ios_xr 7.5.3 Yes
Operating System cisco ios_xr 7.5.4 Yes
Operating System cisco ios_xr 7.5.5 Yes
Operating System cisco ios_xr 7.6.1 Yes
Operating System cisco ios_xr 7.6.2 Yes
Operating System cisco ios_xr 7.7.1 Yes
Operating System cisco ios_xr 7.7.2 Yes
Operating System cisco ios_xr 7.7.21 Yes
Operating System cisco ios_xr 7.8.1 Yes
Operating System cisco ios_xr 7.8.2 Yes
Operating System cisco ios_xr 7.9.1 Yes
Operating System cisco ios_xr 7.9.2 Yes
Operating System cisco ios_xr 7.9.21 Yes
Operating System cisco ios_xr 7.10.1 Yes
Application cisco ios_xrd_control_plane * No
Application cisco ios_xrd_vrouter * No
Hardware cisco 8011-4g24y4h-i - No
Hardware cisco 8101-32fh - No
Hardware cisco 8101-32fh-o - No
Hardware cisco 8101-32h-o - No
Hardware cisco 8102-28fh-dpu-o - No
Hardware cisco 8102-64h - No
Hardware cisco 8102-64h-o - No
Hardware cisco 8111-32eh-o - No
Hardware cisco 8122-64eh-o - No
Hardware cisco 8122-64ehf-o - No
Hardware cisco 8201 - No
Hardware cisco 8201-24h8fh - No
Hardware cisco 8201-32fh - No
Hardware cisco 8201-32fh-o - No
Hardware cisco 8202 - No
Hardware cisco 8202-32fh-m - No
Hardware cisco 8212-48fh-m - No
Hardware cisco 8404 - No
Hardware cisco 8501-sys-mt - No
Hardware cisco 8608 - No
Hardware cisco 8700 - No
Hardware cisco 8711-32fh-m - No
Hardware cisco 8712-mod-m - No
Hardware cisco 8804 - No
Hardware cisco 8808 - No
Hardware cisco 8812 - No
Hardware cisco 8818 - No
Hardware cisco ncs_540-12z20g-sys-a - No
Hardware cisco ncs_540-12z20g-sys-d - No
Hardware cisco ncs_540-24q2c2dd-sys - No
Hardware cisco ncs_540-24q8l2dd-sys - No
Hardware cisco ncs_540-24z8q2c-sys - No
Hardware cisco ncs_540-28z4c-sys-a - No
Hardware cisco ncs_540-28z4c-sys-d - No
Hardware cisco ncs_540-6z14s-sys-d - No
Hardware cisco ncs_540-6z18g-sys-a - No
Hardware cisco ncs_540-6z18g-sys-d - No
Hardware cisco ncs_540-acc-sys - No
Hardware cisco ncs_540-fh-agg - No
Hardware cisco ncs_540-fh-csr-sys - No
Hardware cisco ncs_540x-12z16g-sys-a - No
Hardware cisco ncs_540x-12z16g-sys-d - No
Hardware cisco ncs_540x-16z4g8q2c-a - No
Hardware cisco ncs_540x-16z4g8q2c-d - No
Hardware cisco ncs_540x-16z8q2c-d - No
Hardware cisco ncs_540x-4z14g2q-a - No
Hardware cisco ncs_540x-4z14g2q-d - No
Hardware cisco ncs_540x-6z18g-sys-a - No
Hardware cisco ncs_540x-6z18g-sys-d - No
Hardware cisco ncs_540x-8z16g-sys-a - No
Hardware cisco ncs_540x-8z16g-sys-d - No
Hardware cisco ncs_540x-acc-sys - No
Hardware cisco ncs_57b1-5dse-sys - No
Hardware cisco ncs_57b1-6d24-sys - No
Hardware cisco ncs_57c1-48q6-sys - No
References