Severity Rating: High
Software Affected
Cisco IOS XE Software.
Overview
A vulnerability have been reported in Cisco devices which could allow
remote attacker to execute arbitrary code on targeted device.
Description
A buffer overflow vulnerability exists in telnetd due to incorrect bounds
checks in the services handling of short writes or urgent data. An attacker
could exploit this vulnerability by sending specially crafted telnet
packets to achieve arbitrary code execution in the telnet server.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code on targeted device.
Solution
Apply appropriate updates as mentioned in:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- -sa-telnetd-EFJrEzPx#details
Vendor Information
CISCO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- -sa-telnetd-EFJrEzPx#details
Reference
CISCO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- -sa-telnetd-EFJrEzPx#details
CVE Name
(CVE-2020-10188)
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.