Hunderte von CISCO-Switches sind von Bootloader-Fehler betroffen

Teilen:

A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks.

Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS software’s bootloader that could be exploited by attackers to bypass image signature verification.

“A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.” reads the advisory.

The root cause of the vulnerability is insecure bootloader settings. An attacker could execute a series of bootloader commands to trigger the vulnerability.

“A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.” continues the advisory.

The vulnerability affects the following Cisco products running NX-OS Software with a vulnerable BIOS version, regardless of their configuration:

  • UCS 6500 Series Fabric Interconnects (CSCwj35846)
  • MDS 9000 Series Multilayer Switches (CSCwh76163)
  • Nexus 3000 Series Switches (CSCwm47438)
  • Nexus 7000 Series Switches (CSCwh76166)
  • Nexus 9000 Series Fabric Switches in ACI mode (CSCwn11901)
  • Nexus 9000 Series Switches in standalone NX-OS mode (CSCwm47438)
  • UCS 6400 Series Fabric Interconnects (CSCwj35846)

The IT giant states that there are no workarounds that address this vulnerability.

The company PSIRT is not aware of any attacks in the wild exploiting this vulnerability CVE-2024-20397

Cisco will not address the vulnerability for Nexus 92160YC-X that has reached the End of Vulnerability/Security Support.

Quelle

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
10:58 pm, Juli 6, 2025
Wetter-Symbol 17°C
L: 16° | H: 18°
overcast clouds
Luftfeuchtigkeit: 71 %
Druck: 1007 mb
Wind: 9 mph NW
Windböe: 0 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 100%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 4:51 am
Sonnenuntergang: 9:18 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Tomorrow 10:00 pm
Wetter-Symbol
16° | 18°°C 0.99 mm 99% 13 mph 92 % 1015 mb 0 mm/h
Di. Juli 08 10:00 pm
Wetter-Symbol
13° | 24°°C 0.2 mm 20% 11 mph 76 % 1020 mb 0 mm/h
Mi. Juli 09 10:00 pm
Wetter-Symbol
15° | 26°°C 0 mm 0% 6 mph 66 % 1023 mb 0 mm/h
Do. Juli 10 10:00 pm
Wetter-Symbol
19° | 31°°C 0 mm 0% 8 mph 63 % 1024 mb 0 mm/h
Fr. Juli 11 10:00 pm
Wetter-Symbol
20° | 30°°C 0 mm 0% 12 mph 54 % 1023 mb 0 mm/h
Tomorrow 1:00 am
Wetter-Symbol
17° | 17°°C 0 mm 0% 9 mph 72 % 1007 mb 0 mm/h
Tomorrow 4:00 am
Wetter-Symbol
16° | 16°°C 0.31 mm 31% 8 mph 79 % 1007 mb 0 mm/h
Tomorrow 7:00 am
Wetter-Symbol
14° | 14°°C 0.99 mm 99% 10 mph 92 % 1009 mb 0 mm/h
Tomorrow 10:00 am
Wetter-Symbol
17° | 17°°C 0.33 mm 33% 12 mph 53 % 1011 mb 0 mm/h
Tomorrow 1:00 pm
Wetter-Symbol
22° | 22°°C 0 mm 0% 13 mph 37 % 1012 mb 0 mm/h
Tomorrow 4:00 pm
Wetter-Symbol
20° | 20°°C 0 mm 0% 10 mph 41 % 1013 mb 0 mm/h
Tomorrow 7:00 pm
Wetter-Symbol
20° | 20°°C 0 mm 0% 7 mph 45 % 1014 mb 0 mm/h
Tomorrow 10:00 pm
Wetter-Symbol
17° | 17°°C 0 mm 0% 11 mph 49 % 1015 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€92,670.02
0.97%
Ethereum(ETH)
€2,196.63
2.81%
Fesseln(USDT)
€0.85
0.00%
XRP(XRP)
€1.94
2.64%
Solana(SOL)
€129.58
3.54%
USDC(USDC)
€0.85
-0.01%
Dogecoin(DOGE)
€0.146173
4.76%
Shiba Inu(SHIB)
€0.000010
3.57%
Pepe(PEPE)
€0.000008
4.86%
Nach oben scrollen