Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-3512

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Published

2020-09-24T18:15:21.323

Last Modified

2024-11-21T05:31:13.510

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

CVSSv2 Vector

AV:A/AC:M/Au:N/C:N/I:N/A:C

Access Vector: ADJACENT_NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

5.5

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-388
Type: Primary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios_xe	15.2\(7\)e	Yes
Hardware	cisco	catalyst_3650-12x48uq	-	No
Hardware	cisco	catalyst_3650-12x48ur	-	No
Hardware	cisco	catalyst_3650-12x48uz	-	No
Hardware	cisco	catalyst_3650-24pd	-	No
Hardware	cisco	catalyst_3650-24pdm	-	No
Hardware	cisco	catalyst_3650-48fqm	-	No
Hardware	cisco	catalyst_3650-8x24uq	-	No
Hardware	cisco	catalyst_3850-24xs	-	No
Hardware	cisco	catalyst_3850-48xs	-	No
Hardware	cisco	catalyst_3850-nm-2-40g	-	No
Hardware	cisco	catalyst_3850-nm-8-10g	-	No
Hardware	cisco	catalyst_c9200-24p	-	No
Hardware	cisco	catalyst_c9200-24t	-	No
Hardware	cisco	catalyst_c9200-48p	-	No
Hardware	cisco	catalyst_c9200-48t	-	No
Hardware	cisco	catalyst_c9200l-24p-4g	-	No
Hardware	cisco	catalyst_c9200l-24p-4x	-	No
Hardware	cisco	catalyst_c9200l-24pxg-2y	-	No
Hardware	cisco	catalyst_c9200l-24pxg-4x	-	No
Hardware	cisco	catalyst_c9200l-24t-4g	-	No
Hardware	cisco	catalyst_c9200l-24t-4x	-	No
Hardware	cisco	catalyst_c9200l-48p-4g	-	No
Hardware	cisco	catalyst_c9200l-48p-4x	-	No
Hardware	cisco	catalyst_c9200l-48pxg-2y	-	No
Hardware	cisco	catalyst_c9200l-48pxg-4x	-	No
Hardware	cisco	catalyst_c9200l-48t-4g	-	No
Hardware	cisco	catalyst_c9200l-48t-4x	-	No
Hardware	cisco	catalyst_c9300-24p	-	No
Hardware	cisco	catalyst_c9300-24s	-	No
Hardware	cisco	catalyst_c9300-24t	-	No
Hardware	cisco	catalyst_c9300-24u	-	No
Hardware	cisco	catalyst_c9300-24ux	-	No
Hardware	cisco	catalyst_c9300-48p	-	No
Hardware	cisco	catalyst_c9300-48s	-	No
Hardware	cisco	catalyst_c9300-48t	-	No
Hardware	cisco	catalyst_c9300-48u	-	No
Hardware	cisco	catalyst_c9300-48un	-	No
Hardware	cisco	catalyst_c9300-48uxm	-	No
Hardware	cisco	catalyst_c9300l-24p-4g	-	No
Hardware	cisco	catalyst_c9300l-24p-4x	-	No
Hardware	cisco	catalyst_c9300l-24t-4g	-	No
Hardware	cisco	catalyst_c9300l-24t-4x	-	No
Hardware	cisco	catalyst_c9300l-48p-4g	-	No
Hardware	cisco	catalyst_c9300l-48p-4x	-	No
Hardware	cisco	catalyst_c9300l-48t-4g	-	No
Hardware	cisco	catalyst_c9300l-48t-4x	-	No
Hardware	cisco	catalyst_c9404r	-	No
Hardware	cisco	catalyst_c9407r	-	No
Hardware	cisco	catalyst_c9410r	-	No
Hardware	cisco	catalyst_c9500-12q	-	No
Hardware	cisco	catalyst_c9500-16x	-	No
Hardware	cisco	catalyst_c9500-24q	-	No
Hardware	cisco	catalyst_c9500-24y4c	-	No
Hardware	cisco	catalyst_c9500-32c	-	No
Hardware	cisco	catalyst_c9500-32qc	-	No
Hardware	cisco	catalyst_c9500-40x	-	No
Hardware	cisco	catalyst_c9500-48y4c	-	No
Hardware	cisco	connected_grid_switch_2520	-	No
Hardware	cisco	ess_2020	-	No
Hardware	cisco	ess_3300	-	No
Hardware	cisco	ie-1000	-	No
Hardware	cisco	ie-2000u-16tc-g	-	No
Hardware	cisco	ie-2000u-16tc-g-x	-	No
Hardware	cisco	ie-2000u-16tc-gp	-	No
Hardware	cisco	ie-2000u-4s-g	-	No
Hardware	cisco	ie-2000u-4t-gs	-	No
Hardware	cisco	ie-2000u-4ts-g	-	No
Hardware	cisco	ie-2000u-8tc-g	-	No
Hardware	cisco	ie-3000	-	No
Hardware	cisco	ie-3010-16s-8pc_industrial_ethernet_switch	-	No
Hardware	cisco	ie-3010-24tc_industrial_ethernet_switch	-	No
Hardware	cisco	ie-3200-8p2s-e	-	No
Hardware	cisco	ie-3200-8t2s-e	-	No
Hardware	cisco	ie-3300-8p2s-a	-	No
Hardware	cisco	ie-3300-8p2s-e	-	No
Hardware	cisco	ie-3300-8t2s-a	-	No
Hardware	cisco	ie-3300-8t2s-e	-	No
Hardware	cisco	ie-3300-8t2x-a	-	No
Hardware	cisco	ie-3300-8t2x-e	-	No
Hardware	cisco	ie-3300-8u2x-a	-	No
Hardware	cisco	ie-3300-8u2x-e	-	No
Hardware	cisco	ie-3400-8p2s-a	-	No
Hardware	cisco	ie-3400-8p2s-e	-	No
Hardware	cisco	ie-3400-8t2s-a	-	No
Hardware	cisco	ie-3400-8t2s-e	-	No
Hardware	cisco	ie-4000-16gt4g-e	-	No
Hardware	cisco	ie-4000-16t4g-e	-	No
Hardware	cisco	ie-4000-4gc4gp4g-e	-	No
Hardware	cisco	ie-4000-4gs8gp4g-e	-	No
Hardware	cisco	ie-4000-4s8p4g-e	-	No
Hardware	cisco	ie-4000-4t4p4g-e	-	No
Hardware	cisco	ie-4000-4tc4g-e	-	No
Hardware	cisco	ie-4000-8gs4g-e	-	No
Hardware	cisco	ie-4000-8gt4g-e	-	No
Hardware	cisco	ie-4000-8gt8gp4g-e	-	No
Hardware	cisco	ie-4000-8s4g-e	-	No
Hardware	cisco	ie-4000-8t4g-e	-	No
Hardware	cisco	ie-4010-16s12p_industrial_ethernet_switch	-	No
Hardware	cisco	ie-4010-4s24p_industrial_ethernet_switch	-	No
Hardware	cisco	ie-5000-12s12p-10g	-	No
Hardware	cisco	ie-5000-16s12p	-	No
Hardware	cisco	ie_2000-16ptc-g_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16t67_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16t67p_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16tc-g-e_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16tc-g-n_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16tc-g-x_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16tc-g_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-16tc_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-24t67_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-4s-ts-g_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-4t-g_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-4t_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-4ts-g_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-4ts_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-8t67_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-8t67p_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-8tc-g-e_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-8tc-g-n_industrial_ethernet_switch	-	No
Hardware	cisco	ie_2000-8tc-g_industrial_ethernet_switch	-	No
Hardware	cisco	iem-3300-14t2s	-	No
Hardware	cisco	iem-3300-16p	-	No
Hardware	cisco	iem-3300-16t	-	No
Hardware	cisco	iem-3300-4mu-2	-	No
Hardware	cisco	iem-3300-6t2s	-	No
Hardware	cisco	iem-3300-8p	-	No
Hardware	cisco	iem-3300-8s	-	No
Hardware	cisco	iem-3300-8t	-	No
Hardware	cisco	iem-3400-8p	-	No
Hardware	cisco	iem-3400-8s	-	No
Hardware	cisco	iem-3400-8t	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)