Vulnerabilities > CVE-2020-3118 - Out-of-bounds Write vulnerability in Cisco IOS XR

047910
CVSS 8.8 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
low complexity
cisco
CWE-787
nessus

Summary

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Common Weakness Enumeration (CWE)

Nessus

NASL familyCISCO
NASL idCISCO-SA-20200205-IOSXR-CDP-RCE.NASL
descriptionAccording to its self-reported version, the Cisco IOS XR Software is affected by a remote code execution vulnerability within the Cisco Discovery Protocol due to improper validation of string input. An unauthenticated, adjacent attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges. Please see the included Cisco BIDs and Cisco Security Advisory for more information
last seen2020-05-21
modified2020-02-10
plugin id133603
published2020-02-10
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/133603
titleCisco IOS XR Software Cisco Discovery Protocol Remote Code Execution Vulnerability (cisco-sa-20200205-iosxr-cdp-rce)

The Hacker News

idTHN:A3840EA7CD9A7AFC6440CDAED21F07D8
last seen2020-02-05
modified2020-02-05
published2020-02-05
reporterThe Hacker News
sourcehttps://thehackernews.com/2020/02/cisco-cdp-vulnerabilities.html
title5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras