Cisco has confirmed that it has fixed many vulnerabilities in Cisco IOS routers, including more than 20 that affect the company's industrial routers and switches. In IOS and IOS XE, 25 vulnerabilities of high and critical severity were fixed.
The company has also shared details of a number of other recommendations on problems of high and medium severity affecting IOS and other software.
The most serious critical issue is CVE-2020-3205, which allows an unauthenticated attacker to execute arbitrary shell commands on a VDS server.
An attacker can exploit this security flaw by simply sending specially crafted packets to the victim’s device, and a successful attack can lead to a complete compromise of the system.
Another critical vulnerability, CVE-2020-3198, is similar to the first one.
It allows an unauthenticated attacker to remotely execute arbitrary code on the vulnerable system, or simply cause the device to crash and then reboot, by sending malicious packets to it.
These issues affect the Cisco ISR 809 and 829 Industrial Routers and the 1000 Series CGRs.
The company also identified CVE-2020-3227 as critical; it is no less dangerous than the previous ones, as this flaw scored 9.8 out of 10 on the CVSS scale.
Cybersecurity is getting more complicated every day. Hackers are becoming stronger in 2020, and we saw a big increase in the number of cyberattacks.