Strix
26.1K

CVE-2020-3225

HIGHCVSS 8.6/10EPSS 2.11%

Last modified

CVE-2020-3225 is a high-severity vulnerability rated 8.6/10 on the CVSS scale. Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. EPSS estimates a 2.11% chance of exploitation in the next 30 days.

Description

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Metrics

CVSS 3.1
8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability
2.11%

79.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.2\(44\)ex
CiscoIos12.2\(44\)ex1
CiscoIos12.2\(46\)se1
CiscoIos12.2\(46\)se2
CiscoIos12.2\(50\)se
CiscoIos12.2\(50\)se1
CiscoIos12.2\(50\)se2
CiscoIos12.2\(50\)se3
CiscoIos12.2\(50\)se4
CiscoIos12.2\(50\)se5
CiscoIos12.2\(52\)se
CiscoIos12.2\(52\)se1
CiscoIos12.2\(55\)se
CiscoIos12.2\(55\)se3
CiscoIos12.2\(55\)se4
CiscoIos12.2\(55\)se5
CiscoIos12.2\(55\)se6
CiscoIos12.2\(55\)se7
CiscoIos12.2\(55\)se9
CiscoIos12.2\(55\)se10
CiscoIos12.2\(55\)se11
CiscoIos12.2\(55\)se12
CiscoIos12.2\(55\)se13
CiscoIos12.2\(55\)se13a
CiscoIos12.2\(58\)se
CiscoIos12.2\(58\)se1
CiscoIos12.2\(58\)se2
CiscoIos12.2\(60\)ez16
CiscoIos15.0\(1\)ey
CiscoIos15.0\(1\)ey1
CiscoIos15.0\(1\)ey2
CiscoIos15.0\(2\)ek
CiscoIos15.0\(2\)ek1
CiscoIos15.0\(2\)ex2
CiscoIos15.0\(2\)ex8
CiscoIos15.0\(2\)ey
CiscoIos15.0\(2\)ey1
CiscoIos15.0\(2\)ey2
CiscoIos15.0\(2\)ey3
CiscoIos15.0\(2\)se
CiscoIos15.0\(2\)se1
CiscoIos15.0\(2\)se2
CiscoIos15.0\(2\)se3
CiscoIos15.0\(2\)se4
CiscoIos15.0\(2\)se5
CiscoIos15.0\(2\)se6
CiscoIos15.0\(2\)se7
CiscoIos15.0\(2\)se8
CiscoIos15.0\(2\)se9
CiscoIos15.0\(2\)se10

Showing 50 of 278 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-3225?
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
How severe is CVE-2020-3225?
CVE-2020-3225 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 2.11% probability of exploitation in the next 30 days.
How do I fix CVE-2020-3225?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3225?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST