Security Alert (A20-09-07): Multiple Vulnerabilities in Cisco Products


 

Published on: 25 September 2020

Description:

Cisco released security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS and IOS XE.  An attacker could exploit these critical vulnerabilities by various attack vectors such as sending specially crafted packets, requests, traffic pattern or protocol messages to an affected system.  For information about other vulnerabilities, please refer to the corresponding security advisory at the vendor's website.

 

Affected Systems:

  • Cisco products running Cisco IOS Software
  • Cisco products running Cisco IOS XE Software

For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.

 

Impact:

A successful exploitation could lead to arbitrary code execution, arbitrary command injection, denial of service, privilege escalation, information disclosure, and security restriction bypass on an affected system.

 

Recommendation:

Software updates for affected systems are now available.  System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.  For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.

System administrators should contact their product support vendors for the fixes and assistance.

 

More Information:

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74268
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xbace-OnCEbyS
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wpa-dos-cXshjerc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-auth-bypass-6j2BYUc7
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mdns-dos-3tH6cA9J
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-jw2DJmSv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-rsp3-rce-jVHg8Z7c
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-priv-esc-K8zvEWM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esp20-arp-dos-GvHVggqJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dclass-dos-VKh9D8k3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confacl-HbPtfSuO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-JP-DOS-g5FfGm8y
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISR4461-gKKUROhx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unauth-file-access-eBTWkKVW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-usb-guestshell-WmevScDj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-iox-app-host-mcZcnsBt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ctbypass-7QHAfHkK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cmdinj-2MzhjM6K
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lua-rce-7VeJX4f
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-bgp-evpn-dos-LNfYJxfF
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-info-disclosure-V4BmJBNF
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-file-overwrite-Ynu5PrJD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-icmpv6-qb9eYyCR
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-WEB-UI-exNFmcPO
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3141
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3400
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3407 (to CVE-2020-3409)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3416 (to CVE-2020-3418)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3421 (to CVE-2020-3423)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3474 (to CVE-2020-3477)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3486 (to CVE-2020-3489)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3492 (to CVE-2020-3494)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3497
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3508 (to CVE-2020-3513)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3516
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3526
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3527

 



Tag: Cisco , Cisco IOS
Tags