Vulnerabilities > Cisco > IOS XE ROM Monitor

DATE | CVE | VULNERABILITY TITLE | RISK

2022-10-10 | CVE-2022-20864 | Unspecified vulnerability in Cisco IOS XE ROM Monitor | 4.6
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password.
Tags: low complexity, cisco

2021-03-24 | CVE-2021-1452 | OS Command Injection vulnerability in Cisco IOS XE ROM Monitor | 6.8
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time.
Tags: low complexity, cisco, CWE-78

2020-09-24 | CVE-2020-3524 | Missing Authorization vulnerability in Cisco IOS XE ROM Monitor 15.6(18R)/16.2(1R) | 6.8
A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device.
Tags: low complexity, cisco, CWE-862