CVE-2020-3257 HIGH

CVE-2020-3257: Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities

Vendor Cisco
Product Cisco IOS 12.2(60)EZ16
Weakness CWE-20 · Input validation
Published June 3, 2020
Last update November 15, 2024

CVSS base score

8.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Key dates

02Disclosure timeline

June 3, 2020 CVE published
November 15, 2024 Record updated