{"uuid": "74b979c2-8a98-4d4c-965d-0af46723ca2a", "vulnerability": {"vulnId": "CVE-2020-3569", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "74b979c2-8a98-4d4c-965d-0af46723ca2a"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2021-11-03T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2021-11-03T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2021-11-03T00:00:00Z"}, "scope": {"notes": "KEV entry: Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability | Affected: Cisco / IOS XR | Description: Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2020-3569"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-400"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "IOS XR", "due_date": "2022-05-03", "date_added": "2021-11-03", "vendorProject": "Cisco", "vulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2020-3569", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3569"}]}