CVE-2020-3216

Name of the Vulnerable Software and Affected Versions Cisco IOS XE SD-WAN Software (affected versions not specified)

Description A vulnerability exists due to insufficient authentication mechanisms for certain commands, allowing an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The issue can be exploited by stopping the boot initialization of the device, potentially giving the attacker full control over the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.