{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20265", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.624Z", "datePublished": "2024-03-27T17:03:54.505Z", "dateUpdated": "2024-08-01T21:52:31.616Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-03-27T17:03:54.505Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device.\r\n\r This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with. This image would have been previously downloaded onto the targeted device. A successful exploit could allow the attacker to load the image once. 
The Cisco Secure Boot functionality is not permanently compromised."}], "affected": [{"vendor": "Cisco", "product": "Cisco IOS XE Software", "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco Aironet Access Point Software", "versions": [{"version": "8.2.100.0", "status": "affected"}, {"version": "8.2.130.0", "status": "affected"}, {"version": "8.2.111.0", "status": "affected"}, {"version": "8.2.110.0", "status": "affected"}, {"version": "8.2.121.0", "status": "affected"}, {"version": "8.2.141.0", "status": "affected"}, {"version": "8.2.151.0", "status": "affected"}, {"version": "8.2.160.0", "status": "affected"}, {"version": "8.2.161.0", "status": "affected"}, {"version": "8.2.164.0", "status": "affected"}, {"version": "8.2.166.0", "status": "affected"}, {"version": "8.2.170.0", "status": "affected"}, {"version": "8.2.163.0", "status": "affected"}, {"version": "8.3.102.0", "status": "affected"}, {"version": "8.3.111.0", "status": "affected"}, {"version": "8.3.112.0", "status": "affected"}, {"version": "8.3.121.0", "status": "affected"}, {"version": "8.3.122.0", "status": "affected"}, {"version": "8.3.130.0", "status": "affected"}, {"version": "8.3.131.0", "status": "affected"}, {"version": "8.3.132.0", "status": "affected"}, {"version": "8.3.133.0", "status": "affected"}, {"version": "8.3.140.0", "status": "affected"}, {"version": "8.3.141.0", "status": "affected"}, {"version": "8.3.143.0", "status": "affected"}, {"version": "8.3.150.0", "status": "affected"}, {"version": "8.3.108.0", "status": "affected"}, {"version": "8.3.90.53", "status": "affected"}, {"version": "8.3.104.46", "status": "affected"}, {"version": "8.3.200.200", "status": "affected"}, {"version": "8.3.104.64", "status": "affected"}, {"version": "8.3.15.165", "status": "affected"}, {"version": "8.3.90.11", "status": "affected"}, {"version": "8.3.135.0", "status": "affected"}, {"version": "8.3.104.14", "status": "affected"}, {"version": "8.3.90.36", 
"status": "affected"}, {"version": "8.3.15.142", "status": "affected"}, {"version": "8.3.104.37", "status": "affected"}, {"version": "8.3.15.117", "status": "affected"}, {"version": "8.3.15.120", "status": "affected"}, {"version": "8.3.15.25", "status": "affected"}, {"version": "8.3.15.158", "status": "affected"}, {"version": "8.3.15.118", "status": "affected"}, {"version": "8.3.90.25", "status": "affected"}, {"version": "8.3.15.169", "status": "affected"}, {"version": "8.3.90.58", "status": "affected"}, {"version": "8.4.100.0", "status": "affected"}, {"version": "8.4.1.199", "status": "affected"}, {"version": "8.4.1.91", "status": "affected"}, {"version": "8.4.1.142", "status": "affected"}, {"version": "8.4.1.175", "status": "affected"}, {"version": "8.4.1.218", "status": "affected"}, {"version": "8.4.1.92", "status": "affected"}, {"version": "8.5.103.0", "status": "affected"}, {"version": "8.5.105.0", "status": "affected"}, {"version": "8.5.110.0", "status": "affected"}, {"version": "8.5.120.0", "status": "affected"}, {"version": "8.5.131.0", "status": "affected"}, {"version": "8.5.140.0", "status": "affected"}, {"version": "8.5.135.0", "status": "affected"}, {"version": "8.5.151.0", "status": "affected"}, {"version": "8.5.101.0", "status": "affected"}, {"version": "8.5.102.0", "status": "affected"}, {"version": "8.5.161.0", "status": "affected"}, {"version": "8.5.160.0", "status": "affected"}, {"version": "8.5.100.0", "status": "affected"}, {"version": "8.5.171.0", "status": "affected"}, {"version": "8.5.164.0", "status": "affected"}, {"version": "8.5.182.0", "status": "affected"}, {"version": "8.5.182.11 ME", "status": "affected"}, {"version": "8.7.102.0", "status": "affected"}, {"version": "8.7.106.0", "status": "affected"}, {"version": "8.7.1.16", "status": "affected"}, {"version": "8.8.100.0", "status": "affected"}, {"version": "8.8.111.0", "status": "affected"}, {"version": "8.8.120.0", "status": "affected"}, {"version": "8.8.125.0", "status": "affected"}, 
{"version": "8.8.130.0", "status": "affected"}, {"version": "8.6.101.0", "status": "affected"}, {"version": "8.6.1.84", "status": "affected"}, {"version": "8.6.1.70", "status": "affected"}, {"version": "8.6.1.71", "status": "affected"}, {"version": "8.9.100.0", "status": "affected"}, {"version": "8.9.111.0", "status": "affected"}, {"version": "8.10.105.0", "status": "affected"}, {"version": "8.10.111.0", "status": "affected"}, {"version": "8.10.130.0", "status": "affected"}, {"version": "8.10.112.0", "status": "affected"}, {"version": "8.10.122.0", "status": "affected"}, {"version": "8.10.113.0", "status": "affected"}, {"version": "8.10.121.0", "status": "affected"}, {"version": "8.10.141.0", "status": "affected"}, {"version": "8.10.142.0", "status": "affected"}, {"version": "8.10.151.0", "status": "affected"}, {"version": "8.10.150.0", "status": "affected"}, {"version": "8.10.171.0", "status": "affected"}, {"version": "8.10.181.0", "status": "affected"}, {"version": "8.10.182.0", "status": "affected"}, {"version": "8.10.161.0", "status": "affected"}, {"version": "8.10.170.0", "status": "affected"}, {"version": "8.10.183.0", "status": "affected"}, {"version": "8.10.162.0", "status": "affected"}, {"version": "8.10.185.0", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco Business Wireless Access Point Software", "versions": [{"version": "10.0.1.0", "status": "affected"}, {"version": "10.0.2.0", "status": "affected"}, {"version": "10.1.1.0", "status": "affected"}, {"version": "10.1.2.0", "status": "affected"}, {"version": "10.2.1.0", "status": "affected"}, {"version": "10.2.2.0", "status": "affected"}, {"version": "10.3.1.0", "status": "affected"}, {"version": "10.3.1.1", "status": "affected"}, {"version": "10.3.2.0", "status": "affected"}, {"version": "10.4.1.0", "status": "affected"}, {"version": "10.4.2.0", "status": "affected"}, {"version": "10.6.1.0", "status": "affected"}, {"version": "10.6.2.0", "status": "affected"}, {"version": "10.7.1.0", 
"status": "affected"}, {"version": "10.8.1.0", "status": "affected"}, {"version": "10.5.2.0", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco Aironet Access Point Software (IOS XE Controller)", "versions": [{"version": "16.10.1e", "status": "affected"}, {"version": "16.10.1", "status": "affected"}, {"version": "17.1.1t", "status": "affected"}, {"version": "17.1.1s", "status": "affected"}, {"version": "17.1.1", "status": "affected"}, {"version": "16.11.1a", "status": "affected"}, {"version": "16.11.1", "status": "affected"}, {"version": "16.11.1c", "status": "affected"}, {"version": "16.11.1b", "status": "affected"}, {"version": "16.12.1s", "status": "affected"}, {"version": "16.12.4", "status": "affected"}, {"version": "16.12.1", "status": "affected"}, {"version": "16.12.2s", "status": "affected"}, {"version": "16.12.1t", "status": "affected"}, {"version": "16.12.4a", "status": "affected"}, {"version": "16.12.5", "status": "affected"}, {"version": "16.12.3", "status": "affected"}, {"version": "16.12.6", "status": "affected"}, {"version": "16.12.8", "status": "affected"}, {"version": "16.12.7", "status": "affected"}, {"version": "16.12.6a", "status": "affected"}, {"version": "17.3.1", "status": "affected"}, {"version": "17.3.2a", "status": "affected"}, {"version": "17.3.3", "status": "affected"}, {"version": "17.3.4", "status": "affected"}, {"version": "17.3.5", "status": "affected"}, {"version": "17.3.2", "status": "affected"}, {"version": "17.3.4c", "status": "affected"}, {"version": "17.3.5a", "status": "affected"}, {"version": "17.3.5b", "status": "affected"}, {"version": "17.3.6", "status": "affected"}, {"version": "17.2.1", "status": "affected"}, {"version": "17.2.1a", "status": "affected"}, {"version": "17.2.3", "status": "affected"}, {"version": "17.2.2", "status": "affected"}, {"version": "17.5.1", "status": "affected"}, {"version": "17.4.1", "status": "affected"}, {"version": "17.4.2", "status": "affected"}, {"version": "17.6.1", "status": 
"affected"}, {"version": "17.6.2", "status": "affected"}, {"version": "17.6.3", "status": "affected"}, {"version": "17.6.4", "status": "affected"}, {"version": "17.6.5", "status": "affected"}, {"version": "17.6.6a", "status": "affected"}, {"version": "17.6.5a", "status": "affected"}, {"version": "17.10.1", "status": "affected"}, {"version": "17.9.1", "status": "affected"}, {"version": "17.9.2", "status": "affected"}, {"version": "17.9.3", "status": "affected"}, {"version": "17.7.1", "status": "affected"}, {"version": "17.8.1", "status": "affected"}, {"version": "17.11.1", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Trust Boundary Violation", "type": "cwe", "cweId": "CWE-501"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-secureboot-bypass-zT5vJkSD", "name": "cisco-sa-ap-secureboot-bypass-zT5vJkSD"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "baseScore": 5.9, "baseSeverity": "MEDIUM", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-ap-secureboot-bypass-zT5vJkSD", "discovery": "INTERNAL", "defects": ["CSCwf62026"]}}, "adp": [{"affected": [{"vendor": "cisco", "product": "aironet_access_point_software", "cpes": ["cpe:2.3:a:cisco:aironet_access_point_software:8.2.100.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.2.100.0", "status": "affected", "lessThanOrEqual": "8.10.185.0", "versionType": "custom"}]}, {"vendor": "cisco", "product": 
"business_wireless_access_point_software", "cpes": ["cpe:2.3:a:cisco:business_wireless_access_point_software:10.0.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "10.0.1.0", "status": "affected", "lessThanOrEqual": "10.8.1.0", "versionType": "custom"}]}, {"vendor": "cisco", "product": "aironet_access_point_software", "cpes": ["cpe:2.3:a:cisco:aironet_access_point_software:16.10.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "16.10.1", "status": "affected", "lessThanOrEqual": "17.11.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-27T19:46:28.390425Z", "id": "CVE-2024-20265", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T15:33:37.498Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.616Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-secureboot-bypass-zT5vJkSD", "name": "cisco-sa-ap-secureboot-bypass-zT5vJkSD", "tags": ["x_transferred"]}]}]}}