Cisco released 7 security advisories to address vulnerabilities in Cisco products running FXOS and NX-OS as well as those in Cisco Nexus 3000 and 9000 series switches. A local authenticated attacker could login a Cisco Nexus 3000 or 9000 Series Switches to exploit a logic error vulnerability. An attacker could exploit these vulnerabilities by sending specially crafted packets or malicious messages to an affected system. For details about the vulnerabilities, please refer to the corresponding security advisory at the vendor's website.
For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.
Depending on the vulnerability exploited, a successful exploitation could lead to remote code execution, escalation of privilege, information disclosure or denial of service on an affected system.
Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.
System administrators should contact their product support vendors for the fixes and assistance.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3338
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3517