Vulnerability-Lookup

CVE-2022-20826 (GCVE-0-2022-20826)

Vulnerability from cvelistv5 – Published: 2022-11-10 17:31 – Updated: 2024-08-03 02:24

Summary

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-501 - Trust Boundary Violation

Assigner

cisco

References

URL

CERTFR-2022-AVI-1022

Vulnerability from certfr_avis - Published: 2022-11-10 - Updated: 2022-11-10

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Adaptive Security Appliance (ASA)
Cisco Firepower Threat Defense (FTD)
Cisco Firepower Management Center (FMC)
Cisco Next-Generation Intrusion Prevention System (NGIPS) versions antérieures à 7.0.5

Veuillez utiliser l'outil Cisco Software Checker proposé par l'éditeur afin d'identifier les versions corrigées de vos produits Cisco ASA, Cisco FTD et Cisco FMC.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

FKIE_CVE-2022-20826

Vulnerability from fkie_nvd - Published: 2022-11-15 21:15 - Updated: 2024-11-21 06:43

Severity ?

6.4 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.17.1
cisco	adaptive_security_appliance_software	9.17.1.9
cisco	adaptive_security_appliance_software	9.17.1.10
cisco	adaptive_security_appliance_software	9.17.1.13
cisco	adaptive_security_appliance_software	9.18.1
cisco	adaptive_security_appliance_software	9.18.1.3
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-
cisco	firepower_threat_defense	7.1.0.0
cisco	firepower_threat_defense	7.2.0.0
cisco	firepower_threat_defense	7.2.0.1
cisco	secure_firewall_3105	-
cisco	secure_firewall_3110	-
cisco	secure_firewall_3120	-
cisco	secure_firewall_3130	-
cisco	secure_firewall_3140	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF8ACA8-BDDA-4008-8422-46737396F4CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.\r\n\r This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de boot seguro de Cisco Secure Firewalls serie 3100 que ejecutan el Software Cisco Adaptive Security Appliance (ASA) o el Software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante no autenticado con acceso f\u00edsico al dispositivo omita la funcionalidad de boot seguro. Esta vulnerabilidad se debe a un error l\u00f3gico en el proceso de boot. Un atacante podr\u00eda aprovechar esta vulnerabilidad inyectando c\u00f3digo malicioso en una ubicaci\u00f3n de memoria espec\u00edfica durante el proceso de boot de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo persistente en el momento del boot y romper la cadena de confianza."
    }
  ],
  "id": "CVE-2022-20826",
  "lastModified": "2024-11-21T06:43:38.120",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:22.930",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-501"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-WPMQ-HR5X-R7WQ

Vulnerability from github – Published: 2022-11-16 12:00 – Updated: 2022-11-18 18:30

Details

Severity ?

6.8 (Medium)


                  
                    CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-20826"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-501"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-15T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.",
  "id": "GHSA-wpmq-hr5x-r7wq",
  "modified": "2022-11-18T18:30:18Z",
  "published": "2022-11-16T12:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20826"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-20826

Vulnerability from fstec - Published: 09.11.2022

Title

Description

Уязвимость реализации безопасной загрузки микропрограммного обеспечения межсетевых экранов Cisco Firepower Threat Defense (FTD) и Cisco Adaptive Security Appliance (ASA) серии Cisco Secure Firewalls 3100 связана с нарушением доверительных границ. Эксплуатация уязвимости позволяет нарушителю обойти механизм безопасной загрузки путем внедрения произвольного кода

Severity ?


                    
                      AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Cisco Systems Inc.

Software Name

Adaptive Security Appliance, Firepower Threat Defense

Software Version

от 9.18 до 9.18.2 (Adaptive Security Appliance), от 9.17 до 9.17.1.15 (Adaptive Security Appliance), от 7.1 до 7.1.0.2 (Firepower Threat Defense), от 7.2 до 7.2.1 (Firepower Threat Defense)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26 https://nvd.nist.gov/vuln/detail/CVE-2022-20826

CWE

CWE-501

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 9.18 \u0434\u043e 9.18.2 (Adaptive Security Appliance), \u043e\u0442 9.17 \u0434\u043e 9.17.1.15 (Adaptive Security Appliance), \u043e\u0442 7.1 \u0434\u043e 7.1.0.2 (Firepower Threat Defense), \u043e\u0442 7.2 \u0434\u043e 7.2.1 (Firepower Threat Defense)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.11.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "02.12.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "02.12.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07083",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-20826",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Adaptive Security Appliance, Firepower Threat Defense",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Cisco Firepower Threat Defense (FTD) \u0438 Cisco Adaptive Security Appliance (ASA) \u0441\u0435\u0440\u0438\u0438 Cisco Secure Firewalls 3100, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0434\u043e\u0432\u0435\u0440\u0438\u044f (CWE-501)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Cisco Firepower Threat Defense (FTD) \u0438 Cisco Adaptive Security Appliance (ASA) \u0441\u0435\u0440\u0438\u0438 Cisco Secure Firewalls 3100 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c \u0434\u043e\u0432\u0435\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0433\u0440\u0430\u043d\u0438\u0446. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-20826",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-501",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)"
}

GSD-2022-20826

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-20826

Aliases

CVE-2022-20826

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-20826",
    "description": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.",
    "id": "GSD-2022-20826"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-20826"
      ],
      "details": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.",
      "id": "GSD-2022-20826",
      "modified": "2023-12-13T01:19:16.239428Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2022-20826",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "9.17.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "9.17.1.9"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "9.17.1.10"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "9.17.1.13"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "9.18.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "9.18.1.3"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Cisco Firepower Threat Defense Software",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "7.1.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.2.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.2.0.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.\r\n\r This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust."
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-501",
                "lang": "eng",
                "value": "Trust Boundary Violation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26",
            "refsource": "MISC",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-fw3100-secure-boot-5M8mUh26",
        "defects": [
          "CSCwb08411"
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*",
                    "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*",
                    "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
                    "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CAF8ACA8-BDDA-4008-8422-46737396F4CB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A5D9FDF8-13BF-425F-9802-1A334065D7C0",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "87403E0F-659C-4C5B-863D-0274D2828A9A",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "73D24C57-2311-48E9-879E-124472E98F6F",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BE02D38A-5354-47E6-A46F-06D53F14F5A8",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F191A423-DB18-4F3A-9D31-C3DD8F185C88",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality.\r\n\r This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad en la implementaci\u00f3n de boot seguro de Cisco Secure Firewalls serie 3100 que ejecutan el Software Cisco Adaptive Security Appliance (ASA) o el Software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante no autenticado con acceso f\u00edsico al dispositivo omita la funcionalidad de boot seguro. Esta vulnerabilidad se debe a un error l\u00f3gico en el proceso de boot. Un atacante podr\u00eda aprovechar esta vulnerabilidad inyectando c\u00f3digo malicioso en una ubicaci\u00f3n de memoria espec\u00edfica durante el proceso de boot de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo persistente en el momento del boot y romper la cadena de confianza."
          }
        ],
        "id": "CVE-2022-20826",
        "lastModified": "2024-01-25T17:15:15.463",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 0.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 0.5,
              "impactScore": 5.9,
              "source": "ykramarz@cisco.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2022-11-15T21:15:22.930",
        "references": [
          {
            "source": "ykramarz@cisco.com",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26"
          }
        ],
        "sourceIdentifier": "ykramarz@cisco.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-Other"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-501"
              }
            ],
            "source": "ykramarz@cisco.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-20826 (GCVE-0-2022-20826)

CERTFR-2022-AVI-1022

Solution

FKIE_CVE-2022-20826

GHSA-WPMQ-HR5X-R7WQ

CVE-2022-20826

GSD-2022-20826

Tags

Sightings

Nomenclature