Improper Verification of Cryptographic Signature in Cisco Systems, Inc products - CVE-2019-1736
Published: February 20, 2020
Vulnerability identifier: #VU25491
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-1736
CWE-ID: CWE-347
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Firepower Management Center 1000
Firepower Management Center 2500
Firepower Management Center 4500
Secure Network Server 3500 Series Appliances
Cisco Secure Network Server 3600 Series Appliances
Threat Grid 5504 Appliance
Firepower Management Center 1000
Firepower Management Center 2500
Firepower Management Center 4500
Secure Network Server 3500 Series Appliances
Cisco Secure Network Server 3600 Series Appliances
Threat Grid 5504 Appliance
Detailed vulnerability description
The vulnerability allows a local user to load a compromised software image on an affected device.
The vulnerability exists within the firmware of the Cisco UCS C-Series Rack Servers due to improper validation of the server firmware upgrade images. An administrator with physical access can install a server firmware version that would allow the attacker to disable UEFI Secure Boot.
A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
How to mitigate CVE-2019-1736
Install updates from vendor's website.