Skip to main content

Cisco Products Multiple Vulnerabilities

Last Update Date: 21 Oct 2020 Release Date: 7 Feb 2020 5168 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.

 

[Updated 21-Oct-2020] Note: One of the vulnerabilities (CVE-2020-3118) is currently being exploited in the wild.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • IP phones
  • IOS XR
  • NX-OS

please refer to the link below for detail:
https://tools.cisco.com/security/center/publicationListing.x


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

  • IP phones

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos
 

  • IOS XR

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce
 

  • NX-OS

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rcehttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos


Vulnerability Identifier


Source


Related Link