At the time of publication, this vulnerability affected the following Cisco products if they were running a software release earlier than the first fixed release for that device and were configured with the Cisco IOx application hosting environment:
- 809 Industrial ISR: Cisco IOS Software earlier than Release 15.9(3)M3
- 829 Industrial ISR: Cisco IOS Software earlier than Release 15.9(3)M3
- CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware earlier than Release 188.8.131.52
- IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software earlier than Release 1.3.2
See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.
Assess the IOx Application Framework
Use the following subsections to determine whether a device is configured with the Cisco IOx application hosting environment:
Cisco 809 and 829 Industrial Integrated Services Routers
For Cisco 809 and 829 Industrial ISRs, to determine whether the Cisco IOx application hosting environment is enabled on a device, use the show iox host list detail | include OS status command at the device CLI.
The following example shows the output of the command for a device that has the Cisco IOx application hosting environment enabled:
Router#show iox host list detail | include OS status
OS status: RUNNING
If this command does not exist, or if it produces output that does not show RUNNING in the OS status field, the device is not affected by this vulnerability.
Cisco CGR 1000 Compute Module
For Cisco CGR 1000 Compute Module, to determine the status of IOx functionality, use the show iox host list detail | include IOX Server is running CLI command, as shown in the following example:
CGR1000#show iox host list detail | include IOX Server is running
IOX Server is running. Process ID: 305
Cisco IC3000 Industrial Compute Gateway
On the Cisco IC3000 Industrial Compute Gateway, the Cisco IOx functionality is enabled by default.
To determine the status of the IOx functionality, use the show iox summary CLI command, as shown in the following example:
ic3k>show iox summary
IOx Infrastructure Summary:
images: Lnx: 0.13.31., IOx: 1.12.0:r/184.108.40.206:0c30349
boot: 2021-02-25 15:06:08
time: 2021-02-26 20:36:22
load: 20:36:22 up 1 day, 5:30, 1 user, load average: 0.37, 0.35, 0.43
memory: ok, used: 2637/7735 (34%)
disk: warning, used: /:664640/750628 (88%), /software:85834912/87069676 (98%)
process: ok, running: 5/5
logs: warning, errors: caf (6109)
apps: ok, Cisco_Cyber_Vision (R)
Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
- Other platforms that support IOx
- IOX XE Software
- IOS XR Software
- NX-OS Software