Cisco first disclosed the vulnerability and issued a fix in October 2020. However, the initial patch for CVE-2020-3580 was incomplete, and a further fix was released in April 2021.