Cisco 809、829 Industrial Integrated Services Routers和Cisco 1000 Series Connected Grid Routers IOS Software 缓冲区错误漏洞
| CNNVD-ID编号 | CNNVD-202006-375 | CVE编号 | CVE-2020-3198 |
| 发布时间 | 2020-06-03 | 更新时间 | 2020-06-10 |
| 漏洞类型 | 缓冲区错误 | 漏洞来源 | N/A |
| 危险等级 | 超危 | 威胁类型 | 远程 |
| 厂商 | N/A | ||
漏洞介绍
Cisco 809 Industrial Integrated Services Routers等都是美国思科(Cisco)公司的产品。Cisco 809 Industrial Integrated Services Routers是一款工业集成多业务路由器。Cisco 829 Industrial Integrated Services Routers是一款工业集成多业务路由器。Cisco 1000 Series Connected Grid Routers是一款1000系列互联网格路由器。Cisco IOS Software是运行在其中的一套为其网络设备开发的软件。
Cisco 809 Industrial ISRs、829 Industrial ISRs和CGR1000中的IOS Software的代码区域(管理虚拟机之间的信令)存在缓冲区错误漏洞,该漏洞源于不正确的边界检查。远程攻击者可通过发送恶意的数据包利用该漏洞造成系统崩溃并重新加载。
漏洞补丁
目前厂商已发布升级了Cisco 809、829 Industrial Integrated Services Routers和Cisco 1000 Series Connected Grid Routers IOS Software 缓冲区错误漏洞的补丁,Cisco 809、829 Industrial Integrated Services Routers和Cisco 1000 Series Connected Grid Routers IOS Software 缓冲区错误漏洞的补丁获取链接:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH
参考网址
来源:tools.cisco.com
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Cisco-IOS-code-execution-via-Cisco-Industrial-Routers-32415
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.1935/
受影响实体
暂无
信息来源
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202006-375
评论