CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. • http://www.securityfocus.com/bid/108350 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot https://www.kb.cert.org/vuls/id/400865 https://www.us-cert.gov/ics/advisories/icsa-20-072-03 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVE-2013-6701
https://notcve.org/view.php?id=CVE-2013-6701
The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155. El proceso tNetTaskLimit en Transport Node Controller (TNC) en dispositivos Cisco ONS 15454 con software 9.6 y anteriores no prioriza correctamente pings sanitarios, lo cual permite a atacantes remotos causar denegación de servicio (watchdog timeout y reinicio del TNC) a través de inundación del tráfico de red, también conocido como Bug ID CSCud97155. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701 http://tools.cisco.com/security/center/viewAlert.x?alertId=32200 http://www.securitytracker.com/id/1029512 • CWE-20: Improper Input Validation •
CVE-2006-1670
https://notcve.org/view.php?id=CVE-2006-1670
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015872 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24434 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25643 •