// For flags

CVE-2020-3216

Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.

Una vulnerabilidad en Cisco IOS XE SD-WAN Software, podría permitir a un atacante físico no autenticado omitir la autenticación y conseguir acceso sin restricciones al shell root de un dispositivo afectado. La vulnerabilidad se presenta porque el software afectado presenta mecanismos de autenticación insuficientes para determinados comandos. Un atacante podría explotar esta vulnerabilidad al detener la inicialización de arranque de un dispositivo afectado. Una explotación con éxito podría permitir al atacante omitir la autenticación y conseguir acceso sin restricciones al shell root del dispositivo afectado.

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-06-03 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.9.0
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.9.0"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.9.1
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.9.1"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.9.2
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.9.2"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.9.3
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.9.3"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.9.4
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.9.4"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.10.0
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.10.0"
-
Affected
Cisco
Search vendor "Cisco"
 Ios Xe Sd-wan
Search vendor "Cisco" for product "Ios Xe Sd-wan"
 16.10.1
Search vendor "Cisco" for product "Ios Xe Sd-wan" and version "16.10.1"
-
Affected