← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-3118 — Actively Exploited: IOS XR (Cisco)

Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.

CVE IDCVE-2020-3118
VendorCisco
ProductIOS XR
Vulnerability nameCisco IOS XR Software Discovery Protocol Format String Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionCisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →