CVE-2021-1375

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1375 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1376 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1376 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

CVE-2021-1449

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...

PT-2021-2556 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers affected versions not specified Cisco IOS XE Software for Cisco ESR6300 Embedded Series Routers affected versions not specified Description: The issue exists d...

Cisco Cisco Catalyst 9000 数据伪造问题漏洞

The Cisco Catalyst 9000 is a switch from Cisco USA. A security vulnerability exists in the Cisco Catalyst 9000 Family that originates from an improper check in the code function that manages the digital signature verification of the system image file during the initial boot process. An attacker...

grub2 安全漏洞

grub2 is a Linux system boot program from the GNU community. GRUB2 has a security vulnerability that allows grub to be booted directly if a certificate signing grub is installed into the db. it can then boot any kernel without signature verification...

CVE-2021-1136

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

CVE-2021-1244

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected

TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed "TrickBoot" by Advanced Intelligence...

Cisco FXOS Secure Boot Bypass Vulnerability

Cisco FXOS Software is a set of firewall software from Cisco that runs in Cisco security appliances. Cisco FXOS has a security vulnerability that stems from insufficient protection of the secure boot process. An attacker can exploit the vulnerability to break the chain of trust and inject code in...

CVE-2020-3458

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The...

CVE-2020-3458

The CVE-2020-3458 entries describe multiple vulnerabilities in the secure boot process of Cisco ASA and Firepower Threat Defense (FTD) software on Firepower 1000/2100 series appliances. A local, authenticated attacker could bypass the chain of trust by injecting code into specific files used duri...

Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into...