CVE-2020-3257
HIGHCisco IOS - Denial of Service and Remote Code Execution
Title source: llmDescription
Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References (1)
Core 1
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-gos-vuln-s9qS8kYL
Scores
CVSS v3
8.1
EPSS
0.0012
EPSS Percentile
30.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
CWE-20
Status
published
Products (2)
cisco/ios
15.8\(3.0z\)m1
cisco/ios
15.9
Published
Jun 03, 2020
Tracked Since
Feb 18, 2026