#VU47213 Exposed dangerous method or function in Cisco ASR 900 Series and Cisco IOS XE - CVE-2020-3513
Published: September 30, 2020
Vulnerability identifier: #VU47213
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-3513
CWE-ID: CWE-749
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco ASR 900 Series
Cisco IOS XE
Cisco ASR 900 Series
Cisco IOS XE
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a local user to execute arbitrary code at bootup and break the chain of trust.
The vulnerability exists due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. A local administrator can copy a specific file to the local file system, define specific ROMMON variables and run arbitrary code on the system with root privileges.
Remediation
Install updates from vendor's website.