#VU47946 Protection Mechanism Failure in Cisco Systems, Inc products - CVE-2020-3458
Published: October 21, 2020 / Updated: October 27, 2020
Cisco Adaptive Security Appliance (ASA)
Cisco Firewall Threat Defense (FTD)
Firepower 1000 Series Appliances
Firepower 2100 Series Security Appliance
Cisco Systems, Inc
Description
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient protection of the secure boot process. A local administrator can inject code into specific files that are referenced during the device boot process, breaking the chain of trust. The injected code is then executed at each boot, which maintains persistence across reboots.