CVE-2020-3569
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
CVSS
—
No CVSS
EPSS
3.3%
p87
KEV
YES
Nov 3, 2021
Exploit Today
76
0-100
Published: — · Last modified: —
3.3%EPSS · 30 days3.3%
2026-06-302026-07-16
Product
Cisco / IOS XR
Vulnerability
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-3569
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2022-20821—95.6%
KEV—79Cisco IOS XR Open Port Vulnerability—CVE-2020-3118—95.6%
KEV—79Cisco IOS XR Software Discovery Protocol Format String Vulnerability—CVE-2010-3035—92.0%
KEV—78Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability—CVE-2020-3566—88.3%
KEV—76Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability—CVE-2009-2055—87.2%
KEV—76Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability—