CVSS: 4.9EPSS: 0%CPEs: 240EXPL: 0CVE-2022-20864 – Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-20864
10 Oct 2022 — A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1452 – Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-1452
24 Mar 2021 — A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this v... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 29EXPL: 0CVE-2020-3524 – Cisco IOS XE ROM Monitor Software Vulnerability
https://notcve.org/view.php?id=CVE-2020-3524
24 Sep 2020 — A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An att... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC • CWE-284: Improper Access Control CWE-862: Missing Authorization •