Cisco IOS XE Software Privilege Escalation Vulnerability
CVE-2020-3214

6.7MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco iOS Xe Software 16.11.1
Vendor
CVE Published:
3 June 2020

Badges

👾 Exploit Exists

Summary

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

Affected Version(s)

Cisco IOS XE Software 16.11.1

References

https://tools.cisco.com/security/center/content/CiscoSecu...
vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.