Vulnerabilities > Cisco > IOS XE > 16.9.4c
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-3218 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. | 9.0 |
| 2020-06-03 | CVE-2020-3213 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. | 7.2 |
| 2020-06-03 | CVE-2020-3209 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. | 7.2 |
| 2020-06-03 | CVE-2020-3204 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. | 7.2 |
| 2020-06-03 | CVE-2020-3201 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. | 4.9 |
| 2020-02-19 | CVE-2019-1950 | Insecure Default Initialization of Resource vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. | 8.4 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1740 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |