var-202009-1134
Vulnerability from variot
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202009-1134", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "cisco ios", scope: "eq", trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-3426", }, ], }, cve: "CVE-2020-3426", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-3426", impactScore: 4.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 1.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-3426", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.1, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2020-3426", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-3426", trust: 1.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202009-1436", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2020-3426", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "CNNVD", id: "CNNVD-202009-1436", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition", sources: [ { db: "NVD", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "VULMON", id: "CVE-2020-3426", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3426", trust: 2.5, }, { db: "JVNDB", id: "JVNDB-2020-011877", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2020.3284", trust: 0.6, }, { db: "NSFOCUS", id: "49408", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202009-1436", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-3426", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "CNNVD", id: "CNNVD-202009-1436", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, id: "VAR-202009-1134", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 1, }, last_update_date: "2022-05-04T10:07:25.378000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-ios-lpwa-access-cXsD7PRA", trust: 0.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-lpwa-access-cxsd7pra", }, { title: "Cisco IOS Software Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=129763", }, { title: "Cisco: Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ios-lpwa-access-cxsd7pra", }, { title: "CVE-2020-3426", trust: 0.1, url: "https://github.com/alaial90/cve-2020-3426 ", }, ], sources: [ { db: "VULMON", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "CNNVD", id: "CNNVD-202009-1436", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, { problemtype: "Improper authority management (CWE-269) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-lpwa-access-cxsd7pra", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3426", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/49408", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3284/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/cisco-ios-information-disclosure-via-lpwa-33420", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/20.html", }, { trust: 0.1, url: "https://github.com/alaial90/cve-2020-3426", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "CNNVD", id: "CNNVD-202009-1436", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2020-3426", }, { db: "JVNDB", id: "JVNDB-2020-011877", }, { db: "CNNVD", id: "CNNVD-202009-1436", }, { db: "NVD", id: "CVE-2020-3426", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-09-24T00:00:00", db: "VULMON", id: "CVE-2020-3426", }, { date: "2021-04-19T00:00:00", db: "JVNDB", id: "JVNDB-2020-011877", }, { date: "2020-09-24T00:00:00", db: "CNNVD", id: "CNNVD-202009-1436", }, { date: "2020-09-24T18:15:00", db: "NVD", id: "CVE-2020-3426", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-06T00:00:00", db: "VULMON", id: "CVE-2020-3426", }, { date: "2021-04-19T07:59:00", db: "JVNDB", id: "JVNDB-2020-011877", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202009-1436", }, { date: "2021-08-06T19:03:00", db: "NVD", id: "CVE-2020-3426", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202009-1436", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco 800 series Industrial Integrated Services Router and Cisco 1000 series Connected Grid For routers Cisco IOS Software permission management vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-011877", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202009-1436", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.