VDB

CVE-2020-3225

CVE-2020-3225 PUBLISHED CVSS 8.600000381469727 HIGH

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

EPSS 1.03% · 77.7th percentile

Risk Scores

CVSS 3.0
8.600000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
1.03%
77.7th percentile

Affected Products

VendorProductVersions
CiscoCisco IOS 12.2(55)SEn/a
ciscoios_xe16.9.4c, 16.9.5, 16.9.5f
ciscoios15.0\(2\)se4, 15.0\(2\)se6, 15.0\(2\)se7

Exploit Intelligence

Timeline

  • Jun 3, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Sep 18, 2021 EPSS Score
  • Oct 9, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

…and 5 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›