Design/Logic Flaw

2022-11-1521:15:00

PRIOn knowledge base

www.prio-n.com

cisco

secure firewalls

asa software

firepower threat defense

logic flaw

vulnerability

boot process

memory injection

persistent code

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.

This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

CPENameOperatorVersion
adaptive_security_appliance_softwareeq9.17.1
adaptive_security_appliance_softwareeq9.17.1.9
adaptive_security_appliance_softwareeq9.17.1.10
adaptive_security_appliance_softwareeq9.17.1.13
adaptive_security_appliance_softwareeq9.18.1
adaptive_security_appliance_softwareeq9.18.1.3
firepower_threat_defenseeq7.1.0.0
firepower_threat_defenseeq7.2.0.0
firepower_threat_defenseeq7.2.0.1

Name	Operator	Version
adaptive_security_appliance_software	eq	9.17.1
adaptive_security_appliance_software	eq	9.17.1.9
adaptive_security_appliance_software	eq	9.17.1.10
adaptive_security_appliance_software	eq	9.17.1.13
adaptive_security_appliance_software	eq	9.18.1
adaptive_security_appliance_software	eq	9.18.1.3
firepower_threat_defense	eq	7.1.0.0
firepower_threat_defense	eq	7.2.0.0
firepower_threat_defense	eq	7.2.0.1