CVE-2020-3204

Name: CVE-2020-3204
Creator: NVD / NIST
Published: 2020-06-03T18:15:18.197+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.7/10EPSS 0.38%

Last modified Jun 17, 2026

CVE-2020-3204 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. EPSS estimates a 0.38% chance of exploitation in the next 30 days.

Description

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to cause memory corruption or execute the code with root privileges on the underlying OS of the affected device.

Metrics

CVSS 3.1

6.7/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.38%

29.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Cisco	Ios	12.2\(6\)i1
Cisco	Ios	12.2\(33\)sre
Cisco	Ios	12.2\(33\)sre0a
Cisco	Ios	12.2\(33\)sre1
Cisco	Ios	12.2\(33\)sre2
Cisco	Ios	12.2\(33\)sre3
Cisco	Ios	12.2\(33\)sre4
Cisco	Ios	12.2\(33\)sre5
Cisco	Ios	12.2\(33\)sre6
Cisco	Ios	12.2\(33\)sre7
Cisco	Ios	12.2\(33\)sre7a
Cisco	Ios	12.2\(33\)sre8
Cisco	Ios	12.2\(33\)sre9
Cisco	Ios	12.2\(33\)sre9a
Cisco	Ios	12.2\(33\)sre10
Cisco	Ios	12.2\(33\)sre11
Cisco	Ios	12.2\(33\)sre12
Cisco	Ios	12.2\(33\)sre13
Cisco	Ios	12.2\(33\)sre14
Cisco	Ios	12.2\(33\)sre15
Cisco	Ios	12.2\(33\)sre15a
Cisco	Ios	12.2\(33\)sxi
Cisco	Ios	12.2\(33\)sxi1
Cisco	Ios	12.2\(33\)sxi2
Cisco	Ios	12.2\(33\)sxi2a
Cisco	Ios	12.2\(33\)sxi3
Cisco	Ios	12.2\(33\)sxi3a
Cisco	Ios	12.2\(33\)sxi3z
Cisco	Ios	12.2\(33\)sxi4
Cisco	Ios	12.2\(33\)sxi4a
Cisco	Ios	12.2\(33\)sxi5
Cisco	Ios	12.2\(33\)sxi5a
Cisco	Ios	12.2\(33\)sxi6
Cisco	Ios	12.2\(33\)sxi7
Cisco	Ios	12.2\(33\)sxi8
Cisco	Ios	12.2\(33\)sxi8a
Cisco	Ios	12.2\(33\)sxi9
Cisco	Ios	12.2\(33\)sxi9a
Cisco	Ios	12.2\(33\)sxi10
Cisco	Ios	12.2\(33\)sxi11
Cisco	Ios	12.2\(33\)sxi12
Cisco	Ios	12.2\(33\)sxi13
Cisco	Ios	12.2\(33\)sxi14
Cisco	Ios	12.2\(33\)sxj
Cisco	Ios	12.2\(33\)sxj1
Cisco	Ios	12.2\(33\)sxj2
Cisco	Ios	12.2\(33\)sxj3
Cisco	Ios	12.2\(33\)sxj4
Cisco	Ios	12.2\(33\)sxj5
Cisco	Ios	12.2\(33\)sxj6

Showing 50 of 1283 affected configurations. See NVD for the full list.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-ace-C9KuVKmmPatch, Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-ace-C9KuVKmmPatch, Vendor Advisory

Timeline

Published: Jun 3, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-3204?

How severe is CVE-2020-3204?

CVE-2020-3204 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 0.38% probability of exploitation in the next 30 days.

How do I fix CVE-2020-3204?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3204?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST