Main Vulnerability Database SB2020060370

SB2020060370 - Improper Verification of Cryptographic Signature in Cisco IOS XE

Published: June 3, 2020 Updated: November 1, 2022

Security Bulletin ID SB2020060370

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-3209)

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker with physical access can install and boot a malicious software image or execute unsigned binaries on the target device.

Remediation

Install update from vendor's website.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-digsig-bypass-FYQ3bmVq