Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2022-20826

MEDIUM

Published 2022-11-10T17:31:54.657Z

Actions:

CVSS Score

V3.1

6.4

/10

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.001

probability

of exploitation in the wild

There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.267

Higher than 26.7% of all CVEs

Attack Vector Metrics

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Description

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.

This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Cisco Adaptive Security Appliance (ASA) Software

Affected Versions:

9.17.1 9.17.1.9 9.17.1.10 9.17.1.13 9.18.1 9.18.1.3

Cisco Firepower Threat Defense Software

Affected Versions:

7.1.0 7.2.0 7.2.0.1

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26

Published: 2022-11-10T17:31:54.657Z

Last Modified: 2024-08-03T02:24:50.027Z

Copied to clipboard!