How severe is CVE-2020-3545?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2020-3545?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2020-3545

MEDIUM Year: 2020

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-119

View all →

Vulnerability Description

A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.

CVE-2016-4439

MEDIUM

CVSS:6.7(Medium)

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a...

CWE-1192016

CVE-2016-8774

MEDIUM

CVSS:6.7(Medium)

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones ...

CWE-1192016

CVE-2016-8775

MEDIUM

CVSS:6.7(Medium)

Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows att...

CWE-1192016

CVE-2018-0342

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial o...

CWE-1192018

CVE-2018-1068

MEDIUM

CVSS:6.7(Medium)

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

CWE-1192018

CVE-2018-12150

MEDIUM

CVSS:6.7(Medium)

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local acc...

CWE-1192018

CVE-2020-3545

Vulnerability Description

Related Vulnerabilities

CVE-2016-4439

CVE-2016-8774

CVE-2016-8775

CVE-2018-0342

CVE-2018-1068

CVE-2018-12150