CVE & CISA-KEV Catalog

CVE-2020-3284

CRITICALEPSS 85th pctl
9.8
CVSS v3
NVD

Description

A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.

How to fix

Remediation Available
a99-rp2-se firmwareNVD
Affected:< 14.35Fixed in:14.35CVE-2020-3284derived from NVD
a99-rp2-tr firmwareNVD
Affected:< 14.35Fixed in:14.35CVE-2020-3284derived from NVD
a99-rp3-se firmwareNVD
Affected:< 30.23Fixed in:30.23CVE-2020-3284derived from NVD
a99-rp3-tr firmwareNVD
Affected:< 30.23Fixed in:30.23CVE-2020-3284derived from NVD
a99-rsp-se firmwareNVD
Affected:< 16.14Fixed in:16.14CVE-2020-3284derived from NVD
a99-rsp-tr firmwareNVD
Affected:< 16.14Fixed in:16.14CVE-2020-3284derived from NVD
a9k-rsp5-se firmwareNVD
Affected:< 31.20Fixed in:31.20CVE-2020-3284derived from NVD
a9k-rsp5-tr firmwareNVD
Affected:< 31.20Fixed in:31.20CVE-2020-3284derived from NVD
a9k-rsp880-lt-se firmwareNVD
Affected:< 17.34Fixed in:17.34CVE-2020-3284derived from NVD
a9k-rsp880-lt-tr firmwareNVD
Affected:< 17.34Fixed in:17.34CVE-2020-3284derived from NVD
a9k-rsp880-se firmwareNVD
Affected:< 10.65Fixed in:10.65CVE-2020-3284derived from NVD
a9k-rsp880-tr firmwareNVD
Affected:< 10.65Fixed in:10.65CVE-2020-3284derived from NVD
asr-9901-rp firmwareNVD
Affected:< 22.20Fixed in:22.20CVE-2020-3284derived from NVD
ios xrNVD
Affected:< 6.6.25Fixed in:6.6.25CVE-2020-3284derived from NVD
n540-12z20g-sys-a\/d firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n540-24z8q2c-m firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n540-28z4c-sys-a\/d firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n540-acc-sys firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n540x-12z16g-sys-a\/d firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n540x-16z4g8q2c-a\/d firmwareNVD
Affected:< 1.15Fixed in:1.15CVE-2020-3284derived from NVD
n560-4-sys firmwareNVD
Affected:< 0.14Fixed in:0.14CVE-2020-3284derived from NVD
n560-7-sys firmwareNVD
Affected:< 0.14Fixed in:0.14CVE-2020-3284derived from NVD
nc55-rp-e firmwareNVD
Affected:< 1.21Fixed in:1.21CVE-2020-3284derived from NVD
nc55-rp firmwareNVD
Affected:< 9.30Fixed in:9.30CVE-2020-3284derived from NVD
ncs-5501-se firmwareNVD
Affected:< 1.21Fixed in:1.21CVE-2020-3284derived from NVD
ncs-5501 firmwareNVD
Affected:< 6.6.25Fixed in:6.6.25CVE-2020-3284derived from NVD
ncs-5502-se firmwareNVD
Affected:< 1.21Fixed in:1.21CVE-2020-3284derived from NVD
ncs-5502 firmwareNVD
Affected:< 1.21Fixed in:1.21CVE-2020-3284derived from NVD
ncs-55a1-24h firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a1-24q6h-s firmwareNVD
Affected:< 6.6.25Fixed in:6.6.25CVE-2020-3284derived from NVD
ncs-55a1-36h-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a1-36h-se-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a2-mod-hd-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a2-mod-hx-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a2-mod-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a2-mod-se-h-s firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD
ncs-55a2-mod-se-s firmwareNVD
Affected:< 6.6.25Fixed in:6.6.25CVE-2020-3284derived from NVD
ncs1001 firmwareNVD
Affected:< 14.60Fixed in:14.60CVE-2020-3284derived from NVD
ncs1002 firmwareNVD
Affected:< 14.60Fixed in:14.60CVE-2020-3284derived from NVD
ncs1004 firmwareNVD
Affected:< 14.60Fixed in:14.60CVE-2020-3284derived from NVD
ncs5001 firmwareNVD
Affected:< 1.13Fixed in:1.13CVE-2020-3284derived from NVD
ncs5002 firmwareNVD
Affected:< 1.13Fixed in:1.13CVE-2020-3284derived from NVD
ncs5011 firmwareNVD
Affected:< 1.14Fixed in:1.14CVE-2020-3284derived from NVD
ncs55-a1-48q6h firmwareNVD
Affected:< 1.12Fixed in:1.12CVE-2020-3284derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

2.77%probability of exploitation in 30 days
85thpercentile

Elevated risk: more likely to be exploited than 85% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-284 (Improper Access Control) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-27350Critical9.8100%KEV + RansomFix
CVE-2019-1653High7.5100%KEV-
CVE-2023-23752Medium5.3100%KEVFix
CVE-2023-29298High7.5100%KEV-
CVE-2023-38205High7.5100%KEV-
CVE-2024-27348Critical9.899%KEVFix
Embed a live status badge for CVE-2020-3284
CVE-2020-3284 severity badge

Markdown

[![CVE-2020-3284](https://tridentstack.com/cve/badge/CVE-2020-3284.svg)](https://tridentstack.com/cve/CVE-2020-3284)

HTML

<a href="https://tridentstack.com/cve/CVE-2020-3284"><img src="https://tridentstack.com/cve/badge/CVE-2020-3284.svg" alt="CVE-2020-3284"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.