CVE-2024-20456

Published Jul 10, 2024

Last updated 10 months ago

CVSS medium 6.7

Overview

Description: A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.
Source: psirt@cisco.com
NVD status: Analyzed
Products: ios_xr

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

psirt@cisco.com: CWE-732

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:24.2.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "D64E1C4D-46B0-4A18-B8EE-BEA732CBF1F8",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:8011-4g24y4h-i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "1C422517-1BC8-4BCE-97E8-A2C165C7BB64",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8101-32fh-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "437EBDAF-0633-409C-9EA4-DAD099D553B6",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8101-32h-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8153C555-9AF4-4793-8F27-B01F1B3D76B9",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8102-28fh-dpu-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F0229018-3C4A-4174-B50F-F352FB1CCF9A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8102-64h-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2B14EC7C-4916-49C8-B919-E0149A4C44BF",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8111-32eh-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9E0443E9-9309-4503-9D21-ED5359F87E71",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8122-64eh-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9911F911-E322-4B0F-B31A-8FDA80D7AE5B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8122-64ehf-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5FA5968D-7167-4D7D-A055-6F3C8023B496",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8201-24h8fh:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "7A554611-6B1B-482E-AF77-CD032EA7A978",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8201-32fh-o:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "321767C3-BEBB-4A70-A4BF-4EED7E6669D9",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8202-32fh-m:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "17EF50F5-0A9F-4649-BEBB-1F181E27C5B7",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8212-48fh-m:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "59AB5F5A-2346-4F4B-A6ED-1884C5BE9353",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8404:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "540DCD6A-722D-4173-8046-885FEFA23A14",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8501-sys-mt:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "18A5A74F-458A-4D51-B487-949E637E58AD",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8608:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "58B8D161-2D5E-4BD8-9518-B2FAB73ADEEE",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8700:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "115B1C4A-A508-4F22-8E15-545AB4301017",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8711-32fh-m:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "D4DF4211-FC4B-4A4A-9154-D64F0B84EEA3",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8712-mod-m:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3432E52B-6914-4DF2-8D7C-C19A435BF542",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_1010:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "97D1123D-39F9-4D22-99CE-F28CA57FE191",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_1014:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F2E3F337-0CF5-456E-B313-DC3ED4BF9D9B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-24q2c2dd-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "24550EBB-6FEE-4916-B58A-5FD8E45E962B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-24q8l2dd-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AAD71DBE-AE18-49FA-826E-52D87A73F496",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-6z14s-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A64FB4E3-4393-4A89-B6FB-E990D33427C5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-6z18g-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E2E585D1-F2E7-4CBE-ACA2-6552ACDF492A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-6z18g-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "44BB03A0-9152-444B-B5CD-70F4CBD53D03",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "124CE49C-1C2B-40A5-8F59-7A223766E12F",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-fh-agg:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3D7DFE35-76BA-4BAE-9C4B-0625DAE573B0",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540-fh-csr-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "1645EAA7-0847-4418-BA9B-FA8E36B59626",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "784A450D-8DCA-43E5-8044-A9F2363FB006",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "92E88ED4-C2AF-407C-A395-3D7806D68758",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-16z8q2c-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A93F10D9-CF79-4DF2-964C-D423D1C1D993",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-4z14g2q-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A52A23CF-2D33-46CD-9784-D54826F63C71",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-4z14g2q-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB9BD2FE-BADB-489F-B832-2EF53F8679E6",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-6z18g-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "42610AAA-9830-44C3-8D1D-2433FCA0541B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-6z18g-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "31CE816F-858C-421A-99D1-FCD4BB5FAD47",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-8z16g-sys-a:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2C4A522F-560C-438D-AB68-BF0175C06F78",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-8z16g-sys-d:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A405E23C-24BC-42C8-99DB-D8E5EFD98261",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "13EEDD1C-25BC-4AFA-AF60-66DE36927528",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5CD3B06B-864E-4A35-B0C3-1654390022D2",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AD1B4F37-5AAA-4F40-8865-226289CB5CEB",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57d2-18dd-sys:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "976AC38F-5873-41ED-82B6-31C22FCC6BEE",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References