CWE
693
Advisory Published

cisco-sa-fxos-sbbyp-KqP6NgrE: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities

First published: Wed Oct 21 2020(Updated: )

Update from October 23, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software section of this advisory. See the Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability for additional information. Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE

Credit: These vulnerabilities were found during internal security testing.

Affected SoftwareAffected VersionHow to fix
Cisco ASA Software=9.14<9.14.1.15=9.13<9.13.1.13=9.12<9.12.4.3=9.10<9.10.1.43=9.9<9.9.2.80=9.8<9.8.4.26
9.14.1.15
9.13.1.13
9.12.4.3
9.10.1.43
9.9.2.80
9.8.4.26
Cisco FTD Software>=Earlier than 6.2.2=6.2.2=6.2.3=6.3.0<=6.4.0<6.4.0.10
6.4.0.10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of cisco-sa-fxos-sbbyp-KqP6NgrE?

    The severity of cisco-sa-fxos-sbbyp-KqP6NgrE is medium with a severity value of 6.7.

  • Which Cisco products are affected by cisco-sa-fxos-sbbyp-KqP6NgrE?

    The Cisco products affected by cisco-sa-fxos-sbbyp-KqP6NgrE are ASA Software versions 9.14 up to exclusive 9.14.1.15, 9.13 up to exclusive 9.13.1.13, 9.12 up to exclusive 9.12.4.3, 9.10 up to exclusive 9.10.1.43, 9.9 up to exclusive 9.9.2.80, 9.8 up to exclusive 9.8.4.26, and FTD Software version earlier than 6.2.2 up to inclusive 6.4.0 exclusive 6.4.0.10.

  • How can I fix cisco-sa-fxos-sbbyp-KqP6NgrE?

    To fix cisco-sa-fxos-sbbyp-KqP6NgrE, apply the recommended fixed software updates provided in the advisory.

  • Where can I find more information about cisco-sa-fxos-sbbyp-KqP6NgrE?

    You can find more information about cisco-sa-fxos-sbbyp-KqP6NgrE in the Cisco Security Advisory.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203