CVE-2020-3118
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
CVSS
—
Sin CVSS
EPSS
11.7%
p96
KEV
SÍ
3 nov 2021
Exploit Today
79
0-100
Publicado: — · Última mod.: —
11.7%EPSS · 30 días11.7%
2026-06-302026-07-16
Producto
Cisco / IOS XR
Vulnerabilidad
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
3 may 2022
Uso conocido en ransomware
No
Descripción resumida
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2020-3118
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2022-20821—95.6%
KEV—79Cisco IOS XR Open Port Vulnerability—CVE-2010-3035—92.0%
KEV—78Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability—CVE-2020-3566—88.3%
KEV—76Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability—CVE-2009-2055—87.2%
KEV—76Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability—CVE-2020-3569—87.1%
KEV—76Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability—