Critical flaw in IOS routers allows ‘complete system compromise’

Cisco has disclosed four critical flaws affecting router equipment that runs the company's IOS XE and IOS software. The critical flaws are part of Cisco’s June 3 semi-annual advisory and were disclosed alongside 23 advisories describing 25 vulnerabilities in total.

The most severe bug, CVE-2020-3227, is rated 9.8 out of 10. It concerns the authorization controls for the Cisco IOx application hosting infrastructure and allows a remote attacker without any credentials to execute Cisco IOx API commands. According to the report, an attacker can exploit the flaw with a unique API call to request the token and then execute unauthorized commands.

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.