Monday, February 22, 01:33
Home security Cisco: Vulnerability CVE-2020-3118 is used in some attacks

Cisco: Vulnerability CVE-2020-3118 is used in some attacks

Cisco today warned of some attacks actively targeting the CVE-2020-3118 high-severity vulnerability, which has been found to affect many routers using the company's Cisco IOS XR software.

IOS XR Network OS is deployed on various Cisco routers, including NCS 540 & 560, NCS 5500, 8000 and ASR 9000 routers.


Vulnerability affects third-party white box routers and the following Cisco products if they are running vulnerable versions of Cisco IOS XR software and have enabled Cisco Discovery (both in at least one interface and globally):

  • Services Routers Series ASR 9000
  • Carrier Routing System (CRS)
  • Router IOS XRv 9000
  • (NCS) 540 Series Routers
  • (NCS) 560 Series Routers
  • (NCS) 1000 Series Routers
  • (NCS) 5000 Series Routers
  • (NCS) 5500 Series Routers
  • (NCS) 6000 Series Routers

The attacks began in October

"In October 2020, the Cisco Product Safety Response Team (PSIRT) received reports of some attempts exploitation of this vulnerability ", reports the updated advisory.

“Cisco recommends that customers upgrade to a stable version of Cisco IOS XR software for restoration of this vulnerability. ”

Today, the US National Security Agency (NSA) also included CVE-2020-3118 among the 25 vulnerabilities currently targeted or exploited by Chinese state threat agents.

Intruders could exploit the vulnerability by sending a malicious Cisco Discovery Protocol package to Appliances running a vulnerable version of IOS XR.

Successful exploitation could allow intruders to cause stack overflow that could lead to arbitrary execution code with administrator privileges on the target device.

Fortunately, although this Cisco Discovery Protocol Format String Vulnerability could lead to remote code execution, it can only be used by unauthorized intruders in the same "broadcast domain" as vulnerable devices.

Security updates are available

Cisco fixed security flaw CVE-2020-3118 in February 2020, along with four other serious vulnerabilities discovered by security firm IoT Armis and collectively named CDPwn.

The current status of the versions that come with this vulnerability is shown in the table below (more information on available software upgrades can be found here).


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


How to make a Facetime Audio call

Tired of low quality cell phone calls? Thanks to FaceTime, you can make high-resolution calls if you use iPhone, iPad, ...

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...