Lucene search

K
cve[email protected]CVE-2022-20826
HistoryNov 15, 2022 - 9:15 p.m.

CVE-2022-20826

2022-11-1521:15:22
CWE-501
web.nvd.nist.gov
44
4
cisco
secure
firewalls
3100 series
vulnerability
cve-2022-20826
secure boot
cisco adaptive security appliance
asa software
cisco firepower threat defense
ftd software
logic error
boot process
memory injection
chain of trust

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.2%

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.

This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

Affected configurations

NVD
Node
ciscoadaptive_security_appliance_softwareMatch9.17.1
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.13
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1.3
AND
ciscosecure_firewall_3105Match-
OR
ciscosecure_firewall_3110Match-
OR
ciscosecure_firewall_3120Match-
OR
ciscosecure_firewall_3130Match-
OR
ciscosecure_firewall_3140Match-
Node
ciscofirepower_threat_defenseMatch7.1.0.0
OR
ciscofirepower_threat_defenseMatch7.2.0.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1
AND
ciscosecure_firewall_3105Match-
OR
ciscosecure_firewall_3110Match-
OR
ciscosecure_firewall_3120Match-
OR
ciscosecure_firewall_3130Match-
OR
ciscosecure_firewall_3140Match-

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Adaptive Security Appliance (ASA) Software",
    "versions": [
      {
        "version": "9.17.1",
        "status": "affected"
      },
      {
        "version": "9.17.1.9",
        "status": "affected"
      },
      {
        "version": "9.17.1.10",
        "status": "affected"
      },
      {
        "version": "9.17.1.13",
        "status": "affected"
      },
      {
        "version": "9.18.1",
        "status": "affected"
      },
      {
        "version": "9.18.1.3",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "7.1.0",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      }
    ]
  }
]

Social References

More

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.2%

Related for CVE-2022-20826