CVE-2024-20456
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: psirt@cisco.com (Secondary)
Description
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device.
This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco signed images or alter the security properties of the running system.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| | Version 24.2.1 |

| Running on/with | Platform Versions |
|---|---|
| Cisco 8011 4g24y4h I | All versions |
| Cisco 8101 32fh | All versions |
| Cisco 8101 32fh O | All versions |
| Cisco 8101 32h O | All versions |
| Cisco 8102 28fh Dpu O | All versions |
| Cisco 8102 64h | All versions |
| Cisco 8102 64h O | All versions |
| Cisco 8111 32eh O | All versions |
| Cisco 8122 64eh O | All versions |
| Cisco 8122 64ehf O | All versions |
| Cisco 8201 | All versions |
| Cisco 8201 24h8fh | All versions |
| Cisco 8201 32fh | All versions |
| Cisco 8201 32fh O | All versions |
| Cisco 8202 | All versions |
| Cisco 8202 32fh M | All versions |
| Cisco 8212 48fh M | All versions |
| Cisco 8404 | All versions |
| Cisco 8501 Sys Mt | All versions |
| Cisco 8608 | All versions |
| Cisco 8700 | All versions |
| Cisco 8711 32fh M | All versions |
| Cisco 8712 Mod M | All versions |
| Cisco 8804 | All versions |
| Cisco 8808 | All versions |
| Cisco 8812 | All versions |
| Cisco 8818 | All versions |
| Cisco Ncs 1010 | All versions |
| Cisco Ncs 1014 | All versions |
| Cisco Ncs 540 12z20g Sys A | All versions |
| Cisco Ncs 540 12z20g Sys D | All versions |
| Cisco Ncs 540 24q2c2dd Sys | All versions |
| Cisco Ncs 540 24q8l2dd Sys | All versions |
| Cisco Ncs 540 24z8q2c Sys | All versions |
| Cisco Ncs 540 28z4c Sys A | All versions |
| Cisco Ncs 540 28z4c Sys D | All versions |
| Cisco Ncs 540 6z14s Sys D | All versions |
| Cisco Ncs 540 6z18g Sys A | All versions |
| Cisco Ncs 540 6z18g Sys D | All versions |
| Cisco Ncs 540 Acc Sys | All versions |
| Cisco Ncs 540 Fh Agg | All versions |
| Cisco Ncs 540 Fh Csr Sys | All versions |
| Cisco Ncs 540x 12z16g Sys A | All versions |
| Cisco Ncs 540x 12z16g Sys D | All versions |
| Cisco Ncs 540x 16z4g8q2c A | All versions |
| Cisco Ncs 540x 16z4g8q2c D | All versions |
| Cisco Ncs 540x 16z8q2c D | All versions |
| Cisco Ncs 540x 4z14g2q A | All versions |
| Cisco Ncs 540x 4z14g2q D | All versions |
| Cisco Ncs 540x 6z18g Sys A | All versions |
| Cisco Ncs 540x 6z18g Sys D | All versions |
| Cisco Ncs 540x 8z16g Sys A | All versions |
| Cisco Ncs 540x 8z16g Sys D | All versions |
| Cisco Ncs 540x Acc Sys | All versions |
| Cisco Ncs 57b1 5dse Sys | All versions |
| Cisco Ncs 57b1 6d24 Sys | All versions |
| Cisco Ncs 57c1 48q6 Sys | All versions |
| Cisco Ncs 57d2 18dd Sys | All versions |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.