Attacker Value
Unknown
CVE-2020-3213
CVE-2020-3213
(Last updated February 21, 2025) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
6.7 Medium
Impact Score:
5.9
Exploitability Score:
0.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
Products
- ios xe 16.1.1,
- ios xe 16.1.2,
- ios xe 16.1.3,
- ios xe 16.10.1,
- ios xe 16.10.1a,
- ios xe 16.10.1b,
- ios xe 16.10.1e,
- ios xe 16.10.1s,
- ios xe 16.10.2,
- ios xe 16.11.1,
- ios xe 16.11.1a,
- ios xe 16.11.1b,
- ios xe 16.11.1c,
- ios xe 16.11.1s,
- ios xe 16.11.2,
- ios xe 16.12.1,
- ios xe 16.12.1a,
- ios xe 16.12.1c,
- ios xe 16.12.1s,
- ios xe 16.12.1t,
- ios xe 16.2.1,
- ios xe 16.2.2,
- ios xe 16.3.1,
- ios xe 16.3.1a,
- ios xe 16.3.2,
- ios xe 16.3.3,
- ios xe 16.3.4,
- ios xe 16.3.5,
- ios xe 16.3.5b,
- ios xe 16.3.6,
- ios xe 16.3.7,
- ios xe 16.3.8,
- ios xe 16.3.9,
- ios xe 16.4.1,
- ios xe 16.4.2,
- ios xe 16.4.3,
- ios xe 16.5.1,
- ios xe 16.5.1a,
- ios xe 16.5.1b,
- ios xe 16.5.2,
- ios xe 16.5.3,
- ios xe 16.6.1,
- ios xe 16.6.2,
- ios xe 16.6.3,
- ios xe 16.6.4,
- ios xe 16.6.4a,
- ios xe 16.6.4s,
- ios xe 16.6.5,
- ios xe 16.6.5a,
- ios xe 16.6.5b,
- ios xe 16.6.6,
- ios xe 16.6.7,
- ios xe 16.6.7a,
- ios xe 16.7.1,
- ios xe 16.7.2,
- ios xe 16.7.3,
- ios xe 16.8.1,
- ios xe 16.8.1a,
- ios xe 16.8.1b,
- ios xe 16.8.1c,
- ios xe 16.8.1s,
- ios xe 16.8.2,
- ios xe 16.8.3,
- ios xe 16.9.1,
- ios xe 16.9.1a,
- ios xe 16.9.1b,
- ios xe 16.9.1c,
- ios xe 16.9.1d,
- ios xe 16.9.1s,
- ios xe 16.9.2,
- ios xe 16.9.2a,
- ios xe 16.9.2s,
- ios xe 16.9.3,
- ios xe 16.9.3a,
- ios xe 16.9.3h,
- ios xe 16.9.3s,
- ios xe 16.9.4,
- ios xe 16.9.4c,
- ios xe 3.10.0s,
- ios xe 3.10.10s,
- ios xe 3.10.1s,
- ios xe 3.10.2as,
- ios xe 3.10.2s,
- ios xe 3.10.2ts,
- ios xe 3.10.3s,
- ios xe 3.10.4s,
- ios xe 3.10.5s,
- ios xe 3.10.6s,
- ios xe 3.10.7s,
- ios xe 3.10.8as,
- ios xe 3.10.8s,
- ios xe 3.10.9s,
- ios xe 3.11.0s,
- ios xe 3.11.1s,
- ios xe 3.11.2s,
- ios xe 3.11.3s,
- ios xe 3.11.4s,
- ios xe 3.12.0as,
- ios xe 3.12.0s,
- ios xe 3.12.1s,
- ios xe 3.12.2s,
- ios xe 3.12.3s,
- ios xe 3.12.4s,
- ios xe 3.13.0as,
- ios xe 3.13.0s,
- ios xe 3.13.10s,
- ios xe 3.13.1s,
- ios xe 3.13.2as,
- ios xe 3.13.2s,
- ios xe 3.13.3s,
- ios xe 3.13.4s,
- ios xe 3.13.5as,
- ios xe 3.13.5s,
- ios xe 3.13.6as,
- ios xe 3.13.6bs,
- ios xe 3.13.6s,
- ios xe 3.13.7as,
- ios xe 3.13.7s,
- ios xe 3.13.8s,
- ios xe 3.13.9s,
- ios xe 3.14.0s,
- ios xe 3.14.1s,
- ios xe 3.14.2s,
- ios xe 3.14.3s,
- ios xe 3.14.4s,
- ios xe 3.15.0s,
- ios xe 3.15.1cs,
- ios xe 3.15.1s,
- ios xe 3.15.2s,
- ios xe 3.15.3s,
- ios xe 3.15.4s,
- ios xe 3.16.0as,
- ios xe 3.16.0bs,
- ios xe 3.16.0cs,
- ios xe 3.16.0s,
- ios xe 3.16.10s,
- ios xe 3.16.1as,
- ios xe 3.16.2as,
- ios xe 3.16.2bs,
- ios xe 3.16.2s,
- ios xe 3.16.3as,
- ios xe 3.16.3s,
- ios xe 3.16.4as,
- ios xe 3.16.4bs,
- ios xe 3.16.4cs,
- ios xe 3.16.4ds,
- ios xe 3.16.4es,
- ios xe 3.16.4gs,
- ios xe 3.16.4s,
- ios xe 3.16.5as,
- ios xe 3.16.5bs,
- ios xe 3.16.5s,
- ios xe 3.16.6bs,
- ios xe 3.16.6s,
- ios xe 3.16.7as,
- ios xe 3.16.7bs,
- ios xe 3.16.7s,
- ios xe 3.16.8s,
- ios xe 3.16.9s,
- ios xe 3.17.0s,
- ios xe 3.17.1as,
- ios xe 3.17.1s,
- ios xe 3.17.2s,
- ios xe 3.17.3s,
- ios xe 3.17.4s,
- ios xe 3.18.0s,
- ios xe 3.18.0sp,
- ios xe 3.18.1bsp,
- ios xe 3.18.1csp,
- ios xe 3.18.1gsp,
- ios xe 3.18.1hsp,
- ios xe 3.18.1isp,
- ios xe 3.18.1s,
- ios xe 3.18.1sp,
- ios xe 3.18.2s,
- ios xe 3.18.2sp,
- ios xe 3.18.3s,
- ios xe 3.18.3sp,
- ios xe 3.18.4s,
- ios xe 3.18.4sp,
- ios xe 3.18.5sp,
- ios xe 3.18.6sp,
- ios xe 3.18.7sp,
- ios xe 3.18.8sp,
- ios xe 3.8.0s,
- ios xe 3.8.1s,
- ios xe 3.8.2s,
- ios xe 3.9.0as,
- ios xe 3.9.0s,
- ios xe 3.9.1as,
- ios xe 3.9.1s,
- ios xe 3.9.2s
Weaknesses
