What is the severity of CVE-2024-20397?

CVE-2024-20397 has a critical severity rating due to its potential for allowing unauthorized access to device functionalities.

How do I fix CVE-2024-20397?

To mitigate CVE-2024-20397, ensure that only authorized personnel have physical access to the affected devices and apply any available patches from Cisco.

Who is affected by CVE-2024-20397?

CVE-2024-20397 affects any Cisco NX-OS Software that has not been updated to address this vulnerability.

What types of attacks could exploit CVE-2024-20397?

CVE-2024-20397 could be exploited by an unauthenticated attacker with physical access or an authenticated local attacker with administrative rights.

What are the potential consequences of CVE-2024-20397?

Exploitation of CVE-2024-20397 could lead to the compromise of critical system integrity by allowing bypassing of signature verification on NX-OS images.

Vulnerability/
CVE-2024-20397

medium

5.2

CWE

284

4/12/2024

5/2/2025

CVE-2024-20397: Cisco NX-OS Software Image Verification Bypass Vulnerability

First published: Wed Dec 04 2024(Updated: )

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.  This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.

Credit: psirt@cisco.com

Affected Software	Affected Version	How to fix
Cisco NX-OS

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2024-20397?
CVE-2024-20397 has a critical severity rating due to its potential for allowing unauthorized access to device functionalities.
How do I fix CVE-2024-20397?
To mitigate CVE-2024-20397, ensure that only authorized personnel have physical access to the affected devices and apply any available patches from Cisco.
Who is affected by CVE-2024-20397?
CVE-2024-20397 affects any Cisco NX-OS Software that has not been updated to address this vulnerability.
What types of attacks could exploit CVE-2024-20397?
CVE-2024-20397 could be exploited by an unauthenticated attacker with physical access or an authenticated local attacker with administrative rights.
What are the potential consequences of CVE-2024-20397?
Exploitation of CVE-2024-20397 could lead to the compromise of critical system integrity by allowing bypassing of signature verification on NX-OS images.

agent/weakness
agent/title
agent/first-publish-date
agent/type
collector/mitre-cve
source/MITRE
agent/softwarecombine
collector/bleeping-computer
source/BleepingComputer
alias/CVE-2025-20124
alias/CVE-2025-20125
alias/CVE-2025-20169
alias/CVE-2025-20170
alias/CVE-2025-20171
alias/CVE-2024-20397
agent/news-ai
agent/source
agent/severity
agent/references
agent/event
agent/trending
agent/tags
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/description
agent/guess-ai
vendor/cisco

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.