// For flags

CVE-2020-3455

Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.

Una vulnerabilidad en el proceso de arranque seguro de Cisco FXOS Software, podría permitir a un atacante local autenticado omitir los mecanismos de arranque seguro. La vulnerabilidad es debido a unas protecciones insuficientes del proceso de arranque seguro. Un atacante podría explotar esta vulnerabilidad al inyectar código en un archivo específico al que luego se hace referencia durante el proceso de arranque del dispositivo. Una explotación con éxito podría permitir a un atacante romper la cadena de confianza e inyectar código en el proceso de arranque del dispositivo que podría ser ejecutado en cada arranque y mantendría la persistencia entre los reinicios

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-10-21 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-693: Protection Mechanism Failure
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4110
Search vendor "Cisco" for product "Firepower 4110"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4112
Search vendor "Cisco" for product "Firepower 4112"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4115
Search vendor "Cisco" for product "Firepower 4115"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4120
Search vendor "Cisco" for product "Firepower 4120"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4125
Search vendor "Cisco" for product "Firepower 4125"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4140
Search vendor "Cisco" for product "Firepower 4140"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4145
Search vendor "Cisco" for product "Firepower 4145"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4150
Search vendor "Cisco" for product "Firepower 4150"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-24
Search vendor "Cisco" for product "Firepower 9300 Sm-24"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-36
Search vendor "Cisco" for product "Firepower 9300 Sm-36"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-40
Search vendor "Cisco" for product "Firepower 9300 Sm-40"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44
Search vendor "Cisco" for product "Firepower 9300 Sm-44"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-44 X 3"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-48
Search vendor "Cisco" for product "Firepower 9300 Sm-48"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56
Search vendor "Cisco" for product "Firepower 9300 Sm-56"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.4.1.268
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.4.1.268"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-56 X 3"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4110
Search vendor "Cisco" for product "Firepower 4110"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4112
Search vendor "Cisco" for product "Firepower 4112"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4115
Search vendor "Cisco" for product "Firepower 4115"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4120
Search vendor "Cisco" for product "Firepower 4120"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4125
Search vendor "Cisco" for product "Firepower 4125"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4140
Search vendor "Cisco" for product "Firepower 4140"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4145
Search vendor "Cisco" for product "Firepower 4145"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4150
Search vendor "Cisco" for product "Firepower 4150"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-24
Search vendor "Cisco" for product "Firepower 9300 Sm-24"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-36
Search vendor "Cisco" for product "Firepower 9300 Sm-36"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-40
Search vendor "Cisco" for product "Firepower 9300 Sm-40"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44
Search vendor "Cisco" for product "Firepower 9300 Sm-44"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-44 X 3"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-48
Search vendor "Cisco" for product "Firepower 9300 Sm-48"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56
Search vendor "Cisco" for product "Firepower 9300 Sm-56"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.6 < 2.6.1.214
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.6 < 2.6.1.214"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-56 X 3"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4110
Search vendor "Cisco" for product "Firepower 4110"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4112
Search vendor "Cisco" for product "Firepower 4112"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4115
Search vendor "Cisco" for product "Firepower 4115"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4120
Search vendor "Cisco" for product "Firepower 4120"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4125
Search vendor "Cisco" for product "Firepower 4125"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4140
Search vendor "Cisco" for product "Firepower 4140"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4145
Search vendor "Cisco" for product "Firepower 4145"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4150
Search vendor "Cisco" for product "Firepower 4150"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-24
Search vendor "Cisco" for product "Firepower 9300 Sm-24"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-36
Search vendor "Cisco" for product "Firepower 9300 Sm-36"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-40
Search vendor "Cisco" for product "Firepower 9300 Sm-40"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44
Search vendor "Cisco" for product "Firepower 9300 Sm-44"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-44 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-44 X 3"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-48
Search vendor "Cisco" for product "Firepower 9300 Sm-48"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56
Search vendor "Cisco" for product "Firepower 9300 Sm-56"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
>= 2.7 < 2.7.1.131
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.7 < 2.7.1.131"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300 Sm-56 X 3
Search vendor "Cisco" for product "Firepower 9300 Sm-56 X 3"
--
Safe