CVE-2020-3512

CVSS V2 Medium 5.7 CVSS V3 High 7.4

Description

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Overview

CVE ID
CVE-2020-3512

Assigner
ykramarz@cisco.com

Vulnerability Status
Analyzed

Published Version
2020-09-24T18:15:21

Last Modified Date
2020-10-08T14:03:51

Weakness Enumerations

CWE	URL
CWE-400	http://cwe.mitre.org/data/definitions/400.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:cisco:ios_xe:15.2\(7\)e:::::::*	1	OR
cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200-24p:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200-24t:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200-48p:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200-48t:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-24p:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-24s:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-24t:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-24u:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-24ux:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48p:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48s:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48t:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48u:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48un:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9404r:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9407r:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9410r:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-12q:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-16x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-24q:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-32c:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-32qc:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-40x:-:::::::*	0	OR
cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:::::::*	0	OR
cpe:2.3:h:cisco:connected_grid_switch_2520:-:::::::*	0	OR
cpe:2.3:h:cisco:ess_2020:-:::::::*	0	OR
cpe:2.3:h:cisco:ess_3300:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-1000:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-16tc-g:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-16tc-g-x:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-16tc-gp:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-4s-g:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-4t-gs:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-4ts-g:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-2000u-8tc-g:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3000:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3010-16s-8pc_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3010-24tc_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3200-8p2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3200-8t2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8p2s-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8p2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8t2s-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8t2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8t2x-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8t2x-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8u2x-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3300-8u2x-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3400-8p2s-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3400-8p2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3400-8t2s-a:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-3400-8t2s-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-16gt4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-16t4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-4gc4gp4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-4gs8gp4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-4s8p4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-4t4p4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-4tc4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-8gs4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-8gt4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-8gt8gp4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-8s4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4000-8t4g-e:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4010-16s12p_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-4010-4s24p_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-5000-12s12p-10g:-:::::::*	0	OR
cpe:2.3:h:cisco:ie-5000-16s12p:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16ptc-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16t67_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16t67p_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16tc-g-e_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16tc-g-n_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16tc-g-x_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16tc-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-16tc_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-24t67_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-4s-ts-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-4t-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-4t_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-4ts-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-4ts_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-8t67_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-8t67p_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-8tc-g-e_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-8tc-g-n_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:ie_2000-8tc-g_industrial_ethernet_switch:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-14t2s:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-16p:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-16t:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-4mu-2:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-6t2s:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-8p:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-8s:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3300-8t:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3400-8p:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3400-8s:-:::::::*	0	OR
cpe:2.3:h:cisco:iem-3400-8t:-:::::::*	0	OR

CVSS Version 2

Version
2.0

Vector String
AV:A/AC:M/Au:N/C:N/I:N/A:C

Access Vector
ADJACENT_NETWORK

Access Compatibility
MEDIUM

Authentication
NONE

Confidentiality Impact
NONE

Integrity Impact
NONE

Availability Impact
COMPLETE

Base Score
5.7

Severity
MEDIUM

Exploitability Score
5.5

Impact Score
6.9

CVSS Version 3

Version
3.1

Vector String
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Attack Vector
ADJACENT_NETWORK

Attack Compatibility
LOW

Privileges Required
NONE

User Interaction
NONE

Scope
CHANGED

Confidentiality Impact
NONE

Availability Impact
HIGH

Base Score
7.4

Base Severity
HIGH

Exploitability Score
2.8

Impact Score
4

References

Reference URL	Reference Tags
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5	Vendor Advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2020-3512
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3512

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 17:09:48				Added to TrackCVE
2022-12-04 23:19:25	psirt@cisco.com	ykramarz@cisco.com	CVE Assigner	updated
2022-12-04 23:19:25	2020-09-24T18:15Z	2020-09-24T18:15:21	CVE Published Date	updated
2022-12-04 23:19:25		2020-10-08T14:03:51	CVE Modified Date	updated
2022-12-04 23:19:25		Analyzed	Vulnerability Status	updated