Medium severity6.8NVD Advisory· Published Jun 3, 2020· Updated Jun 17, 2026
CVE-2020-3220
CVE-2020-3220
Description
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.