Details of VAR-202006-1157

ID

VAR-202006-1157

CVE

CVE-2020-3198

TITLE

Cisco IOS Buffer error vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-006138

DESCRIPTION

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOS The software contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco 809 Industrial Integrated Services Routers, etc. are all products of the United States Cisco (Cisco) company. Cisco 809 Industrial Integrated Services Routers is an industrial integrated multi-service router. Cisco 829 Industrial Integrated Services Routers is an industrial integrated multi-service router. Cisco 1000 Series Connected Grid Routers is a 1000 series Internet grid router. Cisco IOS Software is a set of software developed for its network equipment running on it. Cisco 809 Industrial ISRs, 829 Industrial ISRs, and the IOS Software code area (management of signaling between virtual machines) in CGR1000 has a buffer overflow vulnerability that originates from a wrong boundary check. A remote attacker can exploit the vulnerability by sending a malicious data packet to cause the system to crash and reload

Trust: 2.16

sources: NVD: CVE-2020-3198 // JVNDB: JVNDB-2020-006138 // CNVD: CNVD-2020-31825

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-31825

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jaa1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m3b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m3a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)cg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpj	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez16	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sg11a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)cg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	industrial integrated services routers	scope:	eq	version:	809	Trust: 0.6
vendor:	cisco	model:	industrial integrated services routers	scope:	eq	version:	829	Trust: 0.6
vendor:	cisco	model:	series connected grid routers	scope:	eq	version:	1000	Trust: 0.6

sources: CNVD: CNVD-2020-31825 // JVNDB: JVNDB-2020-006138 // NVD: CVE-2020-3198

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3198
value:	CRITICAL
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3198
value:	CRITICAL
Trust: 1.0
NVD:	JVNDB-2020-006138
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2020-31825
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202006-375
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2020-3198
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-006138
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-31825
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-3198
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3198
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-006138
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-31825 // JVNDB: JVNDB-2020-006138 // CNNVD: CNNVD-202006-375 // NVD: CVE-2020-3198 // NVD: CVE-2020-3198

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.8
problemtype:	CWE-787	Trust: 1.0

sources: JVNDB: JVNDB-2020-006138 // NVD: CVE-2020-3198

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-375

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202006-375

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006138

PATCH

title:	cisco-sa-ios-iot-rce-xYRSeMNH	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH	Trust: 0.8
title:	Patch for Cisco 809, 829 Industrial Integrated Services Routers and Cisco 1000 Series Connected Grid Routers IOS Software buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/220563	Trust: 0.6
title:	Cisco 809 , 829 Industrial Integrated Services Routers and Cisco 1000 Series Connected Grid Routers IOS Software Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120272	Trust: 0.6

sources: CNVD: CNVD-2020-31825 // JVNDB: JVNDB-2020-006138 // CNNVD: CNNVD-202006-375

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3198	Trust: 3.0
db:	JVNDB	id:	JVNDB-2020-006138	Trust: 0.8
db:	CNVD	id:	CNVD-2020-31825	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1935	Trust: 0.6
db:	CNNVD	id:	CNNVD-202006-375	Trust: 0.6

sources: CNVD: CNVD-2020-31825 // JVNDB: JVNDB-2020-006138 // CNNVD: CNNVD-202006-375 // NVD: CVE-2020-3198

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-iot-rce-xyrsemnh	Trust: 2.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3198	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3198	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-ios-code-execution-via-cisco-industrial-routers-32415	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1935/	Trust: 0.6

sources: CNVD: CNVD-2020-31825 // JVNDB: JVNDB-2020-006138 // CNNVD: CNNVD-202006-375 // NVD: CVE-2020-3198

SOURCES

db:	CNVD	id:	CNVD-2020-31825
db:	JVNDB	id:	JVNDB-2020-006138
db:	CNNVD	id:	CNNVD-202006-375
db:	NVD	id:	CVE-2020-3198

LAST UPDATE DATE

2024-11-23T21:59:12.056000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-31825	date:	2020-07-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-006138	date:	2020-07-01T00:00:00
db:	CNNVD	id:	CNNVD-202006-375	date:	2021-10-20T00:00:00
db:	NVD	id:	CVE-2020-3198	date:	2024-11-21T05:30:31.917

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-31825	date:	2020-06-08T00:00:00
db:	JVNDB	id:	JVNDB-2020-006138	date:	2020-07-01T00:00:00
db:	CNNVD	id:	CNNVD-202006-375	date:	2020-06-03T00:00:00
db:	NVD	id:	CVE-2020-3198	date:	2020-06-03T18:15:16.917