CVE-2024-20397
published 2024-12-04CVE-2024-20397: A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an…
medium5.2CVSS 3.1
AVPACLPRNUINSUCLIHAN
A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.
This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.
Affected
382 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |
| cisco | cisco_nx-os_software | — | — |