Tuesday, November 24, 23:16
Home security Cisco: Vulnerability CVE-2020-3118 is used in some attacks

Cisco: Vulnerability CVE-2020-3118 is used in some attacks

Cisco today warned of some attacks actively targeting the CVE-2020-3118 high-severity vulnerability, which has been found to affect many routers using the company's Cisco IOS XR software.

IOS XR Network OS is deployed on various Cisco routers, including NCS 540 & 560, NCS 5500, 8000 and ASR 9000 routers.


Vulnerability affects third-party white box routers and the following Cisco products if they are running vulnerable versions of Cisco IOS XR software and have enabled Cisco Discovery (both in at least one interface and globally):

  • Services Routers Series ASR 9000
  • Carrier Routing System (CRS)
  • Router IOS XRv 9000
  • (NCS) 540 Series Routers
  • (NCS) 560 Series Routers
  • (NCS) 1000 Series Routers
  • (NCS) 5000 Series Routers
  • (NCS) 5500 Series Routers
  • (NCS) 6000 Series Routers

The attacks began in October

"In October 2020, the Cisco Product Safety Response Team (PSIRT) received reports of some attempts exploitation of this vulnerability ", reports the updated advisory.

“Cisco recommends that customers upgrade to a stable version of Cisco IOS XR software for restoration of this vulnerability. ”

Today, the US National Security Agency (NSA) also included CVE-2020-3118 among the 25 vulnerabilities currently targeted or exploited by Chinese state threat agents.

Intruders could exploit the vulnerability by sending a malicious Cisco Discovery Protocol package to Appliances running a vulnerable version of IOS XR.

Successful exploitation could allow intruders to cause stack overflow that could lead to arbitrary execution code with administrator privileges on the target device.

Fortunately, although this Cisco Discovery Protocol Format String Vulnerability could lead to remote code execution, it can only be used by unauthorized intruders in the same "broadcast domain" as vulnerable devices.

Security updates are available

Cisco fixed security flaw CVE-2020-3118 in February 2020, along with four other serious vulnerabilities discovered by security firm IoT Armis and collectively named CDPwn.

The current status of the versions that come with this vulnerability is shown in the table below (more information on available software upgrades can be found here).


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.


Amazon - PlayStation 5: Complaints about non-delivery of orders!

Amazon has announced that it is currently investigating what happened to the PlayStation 5's delivery failure after reports of theft ....

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...

Data breach at Bristol City Council

A data breach that took place in the Bristol City Council, resulted in the leak of information such as names and email addresses ...

E-Land-South Korea: Fell ransomware attack

One of the largest retailers in South Korea, E-Land, was forced to close almost half of its stores after a ransomware ...

Investigator breaks down a Tesla Model X in just minutes

A Belgian security researcher has discovered a method that hijacks the firmware of key fobs of the Tesla Model X, allowing him to ...