CVE-2020-3524

Summary

CVE	CVE-2020-3524
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-09-24 18:15:00 UTC
Updated	2023-05-22 18:57:00 UTC
Description	A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.

Risk And Classification

Problem Types: CWE-862

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Cisco	4221 Integrated Services Router	-	All	All	All
Hardware	Cisco	4331 Integrated Services Router	-	All	All	All
Hardware	Cisco	4431 Integrated Services Router	-	All	All	All
Hardware	Cisco	4461 Integrated Services Router	-	All	All	All
Hardware	Cisco	Asr-920-10sz-pd	-	All	All	All
Hardware	Cisco	Asr-920-10sz-pd	-	All	All	All
Hardware	Cisco	Asr-920-12cz-a	-	All	All	All
Hardware	Cisco	Asr-920-12cz-a	-	All	All	All
Hardware	Cisco	Asr-920-12cz-d	-	All	All	All
Hardware	Cisco	Asr-920-12cz-d	-	All	All	All
Hardware	Cisco	Asr-920-12sz-a	-	All	All	All
Hardware	Cisco	Asr-920-12sz-a	-	All	All	All
Hardware	Cisco	Asr-920-12sz-d	-	All	All	All
Hardware	Cisco	Asr-920-12sz-d	-	All	All	All
Hardware	Cisco	Asr-920-20sz-m	-	All	All	All
Hardware	Cisco	Asr-920-20sz-m	-	All	All	All
Hardware	Cisco	Asr-920-24sz-im	-	All	All	All
Hardware	Cisco	Asr-920-24sz-im	-	All	All	All
Hardware	Cisco	Asr-920-24sz-m	-	All	All	All
Hardware	Cisco	Asr-920-24sz-m	-	All	All	All
Hardware	Cisco	Asr-920-24tz-m	-	All	All	All
Hardware	Cisco	Asr-920-24tz-m	-	All	All	All
Hardware	Cisco	Asr-920-4sz-a	-	All	All	All
Hardware	Cisco	Asr-920-4sz-a	-	All	All	All
Hardware	Cisco	Asr-920-4sz-d	-	All	All	All
Hardware	Cisco	Asr-920-4sz-d	-	All	All	All
Hardware	Cisco	Asr 1000-x	-	All	All	All
Hardware	Cisco	Asr 1000-x	-	All	All	All
Hardware	Cisco	Asr 1001	-	All	All	All
Hardware	Cisco	Asr 1001	-	All	All	All
Hardware	Cisco	Asr 1001-x	-	All	All	All
Hardware	Cisco	Asr 1001-x	-	All	All	All
Hardware	Cisco	Asr 1002	-	All	All	All
Hardware	Cisco	Asr 1002	-	All	All	All
Hardware	Cisco	Asr 1002-x	-	All	All	All
Hardware	Cisco	Asr 1002-x	-	All	All	All
Hardware	Cisco	Asr 1004	-	All	All	All
Hardware	Cisco	Asr 1004	-	All	All	All
Hardware	Cisco	Asr 1006	-	All	All	All
Hardware	Cisco	Asr 1006	-	All	All	All
Hardware	Cisco	Asr 1013	-	All	All	All
Hardware	Cisco	Asr 1013	-	All	All	All
Hardware	Cisco	Asr 920u-12sz-im	-	All	All	All
Hardware	Cisco	Asr 920u-12sz-im	-	All	All	All
Hardware	Cisco	Cbr8	-	All	All	All
Hardware	Cisco	Cbr8	-	All	All	All
Operating System	Cisco	Ios Xe Rom Monitor	All	All	All	All
Operating System	Cisco	Ios Xe Rom Monitor	All	All	All	All
Hardware	Cisco	Isr 4221	-	All	All	All
Hardware	Cisco	Isr 4221	-	All	All	All
Hardware	Cisco	Isr 4331	-	All	All	All
Hardware	Cisco	Isr 4331	-	All	All	All
Hardware	Cisco	Isr 4431	-	All	All	All
Hardware	Cisco	Isr 4431	-	All	All	All
Hardware	Cisco	Isr 4461	-	All	All	All
Hardware	Cisco	Isr 4461	-	All	All	All

References

Reference	Source	Link	Tags
Cisco IOS XE ROM Monitor Software Vulnerability	CISCO	tools.cisco.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.