Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-3213

A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.

Published

2020-06-03T18:15:19.370

Last Modified

2024-11-21T05:30:34.407

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-264
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios_xe	3.8.0s	Yes
Operating System	cisco	ios_xe	3.8.1s	Yes
Operating System	cisco	ios_xe	3.8.2s	Yes
Operating System	cisco	ios_xe	3.9.0as	Yes
Operating System	cisco	ios_xe	3.9.0s	Yes
Operating System	cisco	ios_xe	3.9.1as	Yes
Operating System	cisco	ios_xe	3.9.1s	Yes
Operating System	cisco	ios_xe	3.9.2s	Yes
Operating System	cisco	ios_xe	3.10.0s	Yes
Operating System	cisco	ios_xe	3.10.1s	Yes
Operating System	cisco	ios_xe	3.10.2as	Yes
Operating System	cisco	ios_xe	3.10.2s	Yes
Operating System	cisco	ios_xe	3.10.2ts	Yes
Operating System	cisco	ios_xe	3.10.3s	Yes
Operating System	cisco	ios_xe	3.10.4s	Yes
Operating System	cisco	ios_xe	3.10.5s	Yes
Operating System	cisco	ios_xe	3.10.6s	Yes
Operating System	cisco	ios_xe	3.10.7s	Yes
Operating System	cisco	ios_xe	3.10.8as	Yes
Operating System	cisco	ios_xe	3.10.8s	Yes
Operating System	cisco	ios_xe	3.10.9s	Yes
Operating System	cisco	ios_xe	3.10.10s	Yes
Operating System	cisco	ios_xe	3.11.0s	Yes
Operating System	cisco	ios_xe	3.11.1s	Yes
Operating System	cisco	ios_xe	3.11.2s	Yes
Operating System	cisco	ios_xe	3.11.3s	Yes
Operating System	cisco	ios_xe	3.11.4s	Yes
Operating System	cisco	ios_xe	3.12.0as	Yes
Operating System	cisco	ios_xe	3.12.0s	Yes
Operating System	cisco	ios_xe	3.12.1s	Yes
Operating System	cisco	ios_xe	3.12.2s	Yes
Operating System	cisco	ios_xe	3.12.3s	Yes
Operating System	cisco	ios_xe	3.12.4s	Yes
Operating System	cisco	ios_xe	3.13.0as	Yes
Operating System	cisco	ios_xe	3.13.0s	Yes
Operating System	cisco	ios_xe	3.13.1s	Yes
Operating System	cisco	ios_xe	3.13.2as	Yes
Operating System	cisco	ios_xe	3.13.2s	Yes
Operating System	cisco	ios_xe	3.13.3s	Yes
Operating System	cisco	ios_xe	3.13.4s	Yes
Operating System	cisco	ios_xe	3.13.5as	Yes
Operating System	cisco	ios_xe	3.13.5s	Yes
Operating System	cisco	ios_xe	3.13.6as	Yes
Operating System	cisco	ios_xe	3.13.6bs	Yes
Operating System	cisco	ios_xe	3.13.6s	Yes
Operating System	cisco	ios_xe	3.13.7as	Yes
Operating System	cisco	ios_xe	3.13.7s	Yes
Operating System	cisco	ios_xe	3.13.8s	Yes
Operating System	cisco	ios_xe	3.13.9s	Yes
Operating System	cisco	ios_xe	3.13.10s	Yes
Operating System	cisco	ios_xe	3.14.0s	Yes
Operating System	cisco	ios_xe	3.14.1s	Yes
Operating System	cisco	ios_xe	3.14.2s	Yes
Operating System	cisco	ios_xe	3.14.3s	Yes
Operating System	cisco	ios_xe	3.14.4s	Yes
Operating System	cisco	ios_xe	3.15.0s	Yes
Operating System	cisco	ios_xe	3.15.1cs	Yes
Operating System	cisco	ios_xe	3.15.1s	Yes
Operating System	cisco	ios_xe	3.15.2s	Yes
Operating System	cisco	ios_xe	3.15.3s	Yes
Operating System	cisco	ios_xe	3.15.4s	Yes
Operating System	cisco	ios_xe	3.16.0as	Yes
Operating System	cisco	ios_xe	3.16.0bs	Yes
Operating System	cisco	ios_xe	3.16.0cs	Yes
Operating System	cisco	ios_xe	3.16.0s	Yes
Operating System	cisco	ios_xe	3.16.1as	Yes
Operating System	cisco	ios_xe	3.16.2as	Yes
Operating System	cisco	ios_xe	3.16.2bs	Yes
Operating System	cisco	ios_xe	3.16.2s	Yes
Operating System	cisco	ios_xe	3.16.3as	Yes
Operating System	cisco	ios_xe	3.16.3s	Yes
Operating System	cisco	ios_xe	3.16.4as	Yes
Operating System	cisco	ios_xe	3.16.4bs	Yes
Operating System	cisco	ios_xe	3.16.4cs	Yes
Operating System	cisco	ios_xe	3.16.4ds	Yes
Operating System	cisco	ios_xe	3.16.4es	Yes
Operating System	cisco	ios_xe	3.16.4gs	Yes
Operating System	cisco	ios_xe	3.16.4s	Yes
Operating System	cisco	ios_xe	3.16.5as	Yes
Operating System	cisco	ios_xe	3.16.5bs	Yes
Operating System	cisco	ios_xe	3.16.5s	Yes
Operating System	cisco	ios_xe	3.16.6bs	Yes
Operating System	cisco	ios_xe	3.16.6s	Yes
Operating System	cisco	ios_xe	3.16.7as	Yes
Operating System	cisco	ios_xe	3.16.7bs	Yes
Operating System	cisco	ios_xe	3.16.7s	Yes
Operating System	cisco	ios_xe	3.16.8s	Yes
Operating System	cisco	ios_xe	3.16.9s	Yes
Operating System	cisco	ios_xe	3.16.10s	Yes
Operating System	cisco	ios_xe	3.17.0s	Yes
Operating System	cisco	ios_xe	3.17.1as	Yes
Operating System	cisco	ios_xe	3.17.1s	Yes
Operating System	cisco	ios_xe	3.17.2s	Yes
Operating System	cisco	ios_xe	3.17.3s	Yes
Operating System	cisco	ios_xe	3.17.4s	Yes
Operating System	cisco	ios_xe	3.18.0s	Yes
Operating System	cisco	ios_xe	3.18.0sp	Yes
Operating System	cisco	ios_xe	3.18.1bsp	Yes
Operating System	cisco	ios_xe	3.18.1csp	Yes
Operating System	cisco	ios_xe	3.18.1gsp	Yes
Operating System	cisco	ios_xe	3.18.1hsp	Yes
Operating System	cisco	ios_xe	3.18.1isp	Yes
Operating System	cisco	ios_xe	3.18.1s	Yes
Operating System	cisco	ios_xe	3.18.1sp	Yes
Operating System	cisco	ios_xe	3.18.2s	Yes
Operating System	cisco	ios_xe	3.18.2sp	Yes
Operating System	cisco	ios_xe	3.18.3s	Yes
Operating System	cisco	ios_xe	3.18.3sp	Yes
Operating System	cisco	ios_xe	3.18.4s	Yes
Operating System	cisco	ios_xe	3.18.4sp	Yes
Operating System	cisco	ios_xe	3.18.5sp	Yes
Operating System	cisco	ios_xe	3.18.6sp	Yes
Operating System	cisco	ios_xe	3.18.7sp	Yes
Operating System	cisco	ios_xe	3.18.8sp	Yes
Operating System	cisco	ios_xe	16.1.1	Yes
Operating System	cisco	ios_xe	16.1.2	Yes
Operating System	cisco	ios_xe	16.1.3	Yes
Operating System	cisco	ios_xe	16.2.1	Yes
Operating System	cisco	ios_xe	16.2.2	Yes
Operating System	cisco	ios_xe	16.3.1	Yes
Operating System	cisco	ios_xe	16.3.1a	Yes
Operating System	cisco	ios_xe	16.3.2	Yes
Operating System	cisco	ios_xe	16.3.3	Yes
Operating System	cisco	ios_xe	16.3.4	Yes
Operating System	cisco	ios_xe	16.3.5	Yes
Operating System	cisco	ios_xe	16.3.5b	Yes
Operating System	cisco	ios_xe	16.3.6	Yes
Operating System	cisco	ios_xe	16.3.7	Yes
Operating System	cisco	ios_xe	16.3.8	Yes
Operating System	cisco	ios_xe	16.3.9	Yes
Operating System	cisco	ios_xe	16.4.1	Yes
Operating System	cisco	ios_xe	16.4.2	Yes
Operating System	cisco	ios_xe	16.4.3	Yes
Operating System	cisco	ios_xe	16.5.1	Yes
Operating System	cisco	ios_xe	16.5.1a	Yes
Operating System	cisco	ios_xe	16.5.1b	Yes
Operating System	cisco	ios_xe	16.5.2	Yes
Operating System	cisco	ios_xe	16.5.3	Yes
Operating System	cisco	ios_xe	16.6.1	Yes
Operating System	cisco	ios_xe	16.6.2	Yes
Operating System	cisco	ios_xe	16.6.3	Yes
Operating System	cisco	ios_xe	16.6.4	Yes
Operating System	cisco	ios_xe	16.6.4a	Yes
Operating System	cisco	ios_xe	16.6.4s	Yes
Operating System	cisco	ios_xe	16.6.5	Yes
Operating System	cisco	ios_xe	16.6.5a	Yes
Operating System	cisco	ios_xe	16.6.5b	Yes
Operating System	cisco	ios_xe	16.6.6	Yes
Operating System	cisco	ios_xe	16.6.7	Yes
Operating System	cisco	ios_xe	16.6.7a	Yes
Operating System	cisco	ios_xe	16.7.1	Yes
Operating System	cisco	ios_xe	16.7.2	Yes
Operating System	cisco	ios_xe	16.7.3	Yes
Operating System	cisco	ios_xe	16.8.1	Yes
Operating System	cisco	ios_xe	16.8.1a	Yes
Operating System	cisco	ios_xe	16.8.1b	Yes
Operating System	cisco	ios_xe	16.8.1c	Yes
Operating System	cisco	ios_xe	16.8.1s	Yes
Operating System	cisco	ios_xe	16.8.2	Yes
Operating System	cisco	ios_xe	16.8.3	Yes
Operating System	cisco	ios_xe	16.9.1	Yes
Operating System	cisco	ios_xe	16.9.1a	Yes
Operating System	cisco	ios_xe	16.9.1b	Yes
Operating System	cisco	ios_xe	16.9.1c	Yes
Operating System	cisco	ios_xe	16.9.1d	Yes
Operating System	cisco	ios_xe	16.9.1s	Yes
Operating System	cisco	ios_xe	16.9.2	Yes
Operating System	cisco	ios_xe	16.9.2a	Yes
Operating System	cisco	ios_xe	16.9.2s	Yes
Operating System	cisco	ios_xe	16.9.3	Yes
Operating System	cisco	ios_xe	16.9.3a	Yes
Operating System	cisco	ios_xe	16.9.3h	Yes
Operating System	cisco	ios_xe	16.9.3s	Yes
Operating System	cisco	ios_xe	16.9.4	Yes
Operating System	cisco	ios_xe	16.9.4c	Yes
Operating System	cisco	ios_xe	16.10.1	Yes
Operating System	cisco	ios_xe	16.10.1a	Yes
Operating System	cisco	ios_xe	16.10.1b	Yes
Operating System	cisco	ios_xe	16.10.1e	Yes
Operating System	cisco	ios_xe	16.10.1s	Yes
Operating System	cisco	ios_xe	16.10.2	Yes
Operating System	cisco	ios_xe	16.11.1	Yes
Operating System	cisco	ios_xe	16.11.1a	Yes
Operating System	cisco	ios_xe	16.11.1b	Yes
Operating System	cisco	ios_xe	16.11.1c	Yes
Operating System	cisco	ios_xe	16.11.1s	Yes
Operating System	cisco	ios_xe	16.11.2	Yes
Operating System	cisco	ios_xe	16.12.1	Yes
Operating System	cisco	ios_xe	16.12.1a	Yes
Operating System	cisco	ios_xe	16.12.1c	Yes
Operating System	cisco	ios_xe	16.12.1s	Yes
Operating System	cisco	ios_xe	16.12.1t	Yes

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx Patch, Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)