Cisco FXOS and NX-OS Software Secure Configuration Bypass (CVE-2019-1728)

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of...

CVE-2022-20944

CVE-2022-20944 concerns Cisco IOS XE for Catalyst 9200 Series Switches . It exploits an improper check in the image verification that occurs during system boot, allowing an unauthenticated, physical attacker to load unsigned software and potentially boot malicious code or bypass the verification ...

Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution (cisco-sa-ios-xe-cat-verify-D4NEQA6q)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned...

CVE-2021-1453

Cisco IOS XE Software for the Catalyst 9000 Family is affected by CVE-2021-1453. The issue is in the image verification function during the initial boot, where an improper check of digital signatures on system image files could allow an unauthenticated, physical attacker to load unsigned software...

CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...

CVE-2021-1441

Summary of CVE-2021-1441 (Cisco IOS XE hardware initialization ARBITRARY CODE EXECUTION) Affected products: Cisco IOS XE Software on Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers. Root cause: Incorrect validation of parameters passed to a diagn...

CVE-2019-1728

Cisco FXOS and NX-OS Software are affected by CVE-2019-1728 through the Secure Configuration Validation functionality. An authenticated local attacker with administrative credentials can overwrite the persistent configuration on the device, allowing arbitrary commands to run at system boot with r...

smb2-vuln-uptime NSE Script

Attempts to detect missing patches in Windows systems by checking the uptime returned during the SMB2 protocol negotiation. SMB2 protocol negotiation response returns the system boot time pre-authentication. This information can be used to determine if a system is missing critical patches without...