CVE-2020-3417
- Source
- https://cve.org/CVERecord?id=CVE-2020-3417
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-3417.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-3417
- Published
- 2020-09-24T18:15:18.730Z
- Modified
- 2026-03-14T10:28:23.112273Z
- Severity
-
- 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device.
- References
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-3417.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.0sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1asp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1bsp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1csp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1gsp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1hsp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1isp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.1sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.2asp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.2sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.3asp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.3bsp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.3sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.4sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.5sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.6sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.7sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.8asp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.18.8sp"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.4a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.4s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.5a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.5b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.6.7a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.1b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1d"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1e"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.8.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1d"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.2a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.2s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.3a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.3h"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.3s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.4c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.9.5f"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1d"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1e"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1f"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1g"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.10.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.1b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.1c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.11.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1t"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1w"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1x"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.1y"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.2a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.2s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.2t"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.12.3a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "17.1.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "17.1.1a"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "17.1.1s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "17.1.1t"
}
]
}
]