CVE-2020-3530

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software (affected versions not specified)

Description: The issue is related to errors in privilege management in the command-line interface (CLI) of Cisco IOS XR Software. This could allow an authenticated, local attacker with valid credentials on the affected device to execute a specific CLI command that should require administrative privileges. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart, potentially affecting the availability and integrity of protected information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.