What is CVE-2020-3407?

CVE-2020-3407 is a high-severity vulnerability in Cisco 1100-4g_integrated_services_router, classified under NULL Pointer Dereference. CVSS score: 8.6/10. Published 2020-09-24.

How severe is CVE-2020-3407?

High severity. CVSS v3 base score is 8.6 out of 10.

Is CVE-2020-3407 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

NULL pointer dereference in Cisco 1100-4g_integrated_services_router

CVE-2020-3407

A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of…

EPSS: 0.015 (70.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

CWE-476 — NULL Pointer Dereference

Public proof-of-concept exploits

Live-Hack-CVE/CVE-2020-3407

References

psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2020-3407?: CVE-2020-3407 is a high-severity vulnerability in Cisco 1100-4g_integrated_services_router, classified under NULL Pointer Dereference. CVSS score: 8.6/10. Published 2020-09-24.
How severe is CVE-2020-3407?: High severity. CVSS v3 base score is 8.6 out of 10.
Is CVE-2020-3407 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.