CVE-2020-3308: Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability
First published: Wed May 06 2020(Updated: )
A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Firepower Threat Defense (FTD) | <6.2.2.1 | |
| Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software | =6.2.2 | |
| Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software | =6.2.3 | |
| Cisco Secure Firewall Management Center | =6.2.2 | |
| Cisco Secure Firewall Management Center | =6.2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3308?
CVE-2020-3308 is rated as a high severity vulnerability due to its potential to allow the installation of malicious software on affected Cisco devices.
How do I fix CVE-2020-3308?
To fix CVE-2020-3308, upgrade affected Cisco Firepower Threat Defense and Secure Firewall Management Center Software to the latest version as advised by Cisco.
Who is affected by CVE-2020-3308?
CVE-2020-3308 affects Cisco Firepower Threat Defense and Secure Firewall Management Center Software versions below 6.2.2.1.
What kind of access is required to exploit CVE-2020-3308?
Exploitation of CVE-2020-3308 requires authenticated, remote access with administrator-level credentials to the affected device.
What could an attacker achieve by exploiting CVE-2020-3308?
By exploiting CVE-2020-3308, an attacker could install a malicious software patch, potentially compromising the integrity and security of the device.
- agent/type
- agent/weakness
- agent/severity
- agent/references
- agent/title
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco firepower threat defense (ftd)
- canonical/cisco firepower management center (fmc) and firepower threat defense (ftd) software
- version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.2
- version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.3
- canonical/cisco secure firewall management center
- version/cisco secure firewall management center/6.2.2
- version/cisco secure firewall management center/6.2.3