CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-6702
https://notcve.org/view.php?id=CVE-2013-6702
04 Dec 2013 — The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902. La implementación de gestión en tarjetas controladoras Cisco ONS 15454 con softare 9.8 y anteriores permite a atacantes remotos causar denegación de servicio (reinicio de la tarjeta) a través de paquetes manipulados, también conocido como Bug ID CSCtz50902. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702 • CWE-20: Improper Input Validation •