CVE-2020-3118: Cisco IOS XR Software Discovery Protocol Format String

Cisco IOS XR Software Discovery Protocol Format String Vulnerability. Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.

• CISA KEV-listed (remediation due 2022-05-03)
• EPSS 0.2% (42.3% percentile)

Browse the CVE database

Read the full analysis on IntelFusions