CVE-2019-1736


A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.


Published

2020-09-23T01:15:14.300

Last Modified

2024-11-21T04:37:12.767

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

Exploitability Score

3.4

Impact Score

10.0

Weaknesses

  • Type: Secondary, CWE-347
  • Type: Primary, CWE-347

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | fmc1000-k9_bios | < 4.0.1f.0 | Yes |
| Operating System | cisco | fmc1000-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | fmc2500-k9_bios | < 4.0.1f.0 | Yes |
| Operating System | cisco | fmc2500-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | fmc4500-k9_bios | < 4.0.1f.0 | Yes |
| Operating System | cisco | fmc4500-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | sns-3515-k9_bios | < 4.0.2d | Yes |
| Operating System | cisco | sns-3515-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | sns-3595-k9_bios | < 4.0.2d | Yes |
| Operating System | cisco | sns-3595-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | sns-3615-k9_bios | < 4.0.1i | Yes |
| Operating System | cisco | sns-3615-k9_firmware | < 4.0.1g | Yes |
| Operating System | cisco | sns-3655-k9_bios | < 4.0.1i | Yes |
| Operating System | cisco | sns-3655-k9_firmware | < 4.0.1g | Yes |
| Operating System | cisco | sns-3695-k9_bios | < 4.0.1i | Yes |
| Operating System | cisco | sns-3695-k9_firmware | < 4.0.1g | Yes |
| Operating System | cisco | tg5004-k9_bios | < 4.0.2d | Yes |
| Operating System | cisco | tg5004-k9_firmware | < 4.0.2h | Yes |
| Operating System | cisco | tg5004-k9-rf_bios | < 4.0.2d | Yes |
| Operating System | cisco | tg5004-k9-rf_firmware | < 4.0.2h | Yes |
| Application | cisco | identity_services_engine | 2.4(0.357) | Yes |
| Application | cisco | identity_services_engine | 2.6(0.156) | Yes |
| Application | cisco | unified_computing_system | 3.2(3h)c | Yes |

References