What is CVE-2020-3409?

CVE-2020-3409 is a high-severity vulnerability in Cisco Ios, classified under Improper Input Validation. CVSS score: 7.4/10. Published 2020-09-24.

How severe is CVE-2020-3409?

High severity. CVSS v3 base score is 7.4 out of 10.

Is CVE-2020-3409 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Cisco Ios

CVE-2020-3409

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (27.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Ios — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

Live-Hack-CVE/CVE-2020-3409

References

20200924 Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3409?: CVE-2020-3409 is a high-severity vulnerability in Cisco Ios, classified under Improper Input Validation. CVSS score: 7.4/10. Published 2020-09-24.
How severe is CVE-2020-3409?: High severity. CVSS v3 base score is 7.4 out of 10.
Is CVE-2020-3409 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.