Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2019-02224

Опубликовано: 13 мая 2019
Источник: fstec
CVSS3: 6.7
CVSS2: 6.5
EPSS Низкий

Описание

Уязвимость функции доверенной загрузки Secure Boot микропрограммного обеспечения cетевых устройств Cisco связана с ошибками проверки целостности кода. Эксплуатация уязвимости может позволить нарушителю установить вредоносный образ программного обеспечения

Вендор

Cisco Systems Inc.

Наименование ПО

Cisco IOS XR
NX-OS
NIM-1CE1T1-PRI
NIM-1MFT-T1/E1
NIM-2BRI-NT/TE
NIM-2CE1T1-PRI
NIM-2FXO
NIM-2FXS
NIM-2FXS/4FXO
NIM-2FXS/4FXOP
NIM-2FXSP
NIM-2MFT-T1/E1
NIM-4BRI-NT/TE
NIM-4E/M
NIM-4FXO
NIM-4FXS
NIM-4FXSP
NIM-4MFT-T1/E1
NIM-8CE1T1-PRI
NIM-8MFT-T1/E1
ASA 5506H-X
ASA 5506W-X
ASA 5506-X
ASA 5508-X
ASA 5516-X
Firepower 4000
Firepower 2100
Firepower 9000
15454-M-WSE-K9
NCS2K-MR-MXP-LIC
Cisco IOS XE
Cisco IOS
Cisco 3000
Cisco 4221
Cisco 4321
Cisco 4331
Cisco 4351
Cisco 4431
Cisco 4451-X
Cisco 4461
Cisco 5000
ASR 1001-HX
ASR 1002-HX
ASR1000-2T+20X1GE
ASR1000-6TGE
ASR1000-ESP100
ASR1000-ESP200
ASR1000-MIP100
ASR1000-RP3
ASR 1001-X
Catalyst 9300
C9500-12Q
C9500-16X
C9500-24Q
C9500-24Y4C
C9500-32C
C9500-32QC
C9500-40X
C9500-48Y4C
Catalyst 9800-40
Catalyst 9800-80
Cisco IC3000
NCS2K-MR-MXP-K9

Версия ПО

до 7.0.1 (Cisco IOS XR)
до 7.1.1 (Cisco IOS XR)
до 9.3(2) (NX-OS)
до 8.4.1 (NX-OS)
- (NIM-1CE1T1-PRI)
- (NIM-1MFT-T1/E1)
- (NIM-2BRI-NT/TE)
- (NIM-2CE1T1-PRI)
- (NIM-2FXO)
- (NIM-2FXS)
- (NIM-2FXS/4FXO)
- (NIM-2FXS/4FXOP)
- (NIM-2FXSP)
- (NIM-2MFT-T1/E1)
- (NIM-4BRI-NT/TE)
- (NIM-4E/M)
- (NIM-4FXO)
- (NIM-4FXS)
- (NIM-4FXSP)
- (NIM-4MFT-T1/E1)
- (NIM-8CE1T1-PRI)
- (NIM-8MFT-T1/E1)
до 1.1.15 (ASA 5506H-X)
до 1.1.15 (ASA 5506W-X)
до 1.1.15 (ASA 5506-X)
до 1.1.15 (ASA 5508-X)
до 1.1.15 (ASA 5516-X)
до 1.0.18 (Firepower 4000)
до 2.6.1.134 (Firepower 2100)
до 1.0.18 (Firepower 9000)
до 11.1 (15454-M-WSE-K9)
до 11.1 (NCS2K-MR-MXP-LIC)
до 16.12.1 (Cisco IOS XE)
до 15.5(1)SY4 (Cisco IOS XE)
до 16.3.9 (Cisco IOS XE)
до 16.6.7 (Cisco IOS XE)
до 16.9.4 (Cisco IOS XE)
до 16.2.1 (Cisco IOS XE)
до 15.9(3)M (Cisco IOS)
до 15.8(3)M3 (Cisco IOS)
до 15.7(3)M5 (Cisco IOS)
до 15.6(3)M7 (Cisco IOS)
до 15.6(3)m6b (Cisco IOS)
до 15.7(3)m4b (Cisco IOS)
до 15.8(3)m2a (Cisco IOS)
до 1.0.05 (Cisco 3000)
до 1.1 (Cisco 4221)
до 1.1 (Cisco 4321)
до 1.1 (Cisco 4331)
до 1.1 (Cisco 4351)
до 1.1 (Cisco 4431)
до 1.1 (Cisco 4451-X)
до 1.1 (Cisco 4461)
- (Cisco 5000)
- (ASR 1001-HX)
- (ASR 1002-HX)
- (ASR1000-2T+20X1GE)
- (ASR1000-6TGE)
- (ASR1000-ESP100)
- (ASR1000-ESP200)
- (ASR1000-MIP100)
- (ASR1000-RP3)
- (ASR 1001-X)
- (Catalyst 9300)
- (C9500-12Q)
- (C9500-16X)
- (C9500-24Q)
- (C9500-24Y4C)
- (C9500-32C)
- (C9500-32QC)
- (C9500-40X)
- (C9500-48Y4C)
- (Catalyst 9800-40)
- (Catalyst 9800-80)
до 1.0.2 (Cisco IC3000)
до 11.1 (NCS2K-MR-MXP-K9)

Тип ПО

Операционная система
Микропрограммный код

Операционные системы и аппаратные платформы

Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -
Cisco Systems Inc. - -

Уровень опасности уязвимости

Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6,5)
Средний уровень опасности (базовая оценка CVSS 3.0 составляет 6,7)

Возможные меры по устранению уязвимости

Обновление программного обеспечения до более поздней версии

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 57%
0.00348
Низкий

6.7 Medium

CVSS3

6.5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2019-1649

CVSS3: 6.7
nvd
больше 6 лет назад

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious softwa

github логотип

GHSA-8p3x-34c5-5pmx

CVSS3: 6.7
github
больше 3 лет назад

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious sof...

EPSS

Процентиль: 57%
0.00348
Низкий

6.7 Medium

CVSS3

6.5 Medium

CVSS2