Rewterz Threat Advisory – Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities
September 25, 2020Rewterz Threat Advisory – CVE-2020-3426 – Cisco IOS Software for Cisco Industrial Routers information disclosure
September 28, 2020Rewterz Threat Advisory – Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities
September 25, 2020Rewterz Threat Advisory – CVE-2020-3426 – Cisco IOS Software for Cisco Industrial Routers information disclosure
September 28, 2020Severity
High
Analysis Summary
CVE-2020-3141, CVE-2020-3425
Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device.
Impact
Privilege Escalation
Affected Vendors
Cisco
Remediation
Refer to Cisco advisory for the complete list of affected products and respective patches.