Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability
Vulnerability Description
A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to the presence of a hidden command in the affected software. An attacker could exploit this vulnerability by connecting to an affected device via the console, forcing the device into ROMMON mode, and writing a malicious pattern to a specific memory address on the device. A successful exploit could allow the attacker to bypass signature validation checks by Cisco Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
CVSS Information
N/A
Vulnerability Type
权限、特权和访问控制
Vulnerability Title
多款Cisco产品IOS ROM Monitor Software 权限许可和访问控制漏洞
Vulnerability Description
Cisco Catalyst 6800 Series Supervisor Engine 6T等都是美国思科(Cisco)公司的交换机产品。IOS ROM Monitor(ROMMON)Software是其中的一套针对iOS设备的ROM监控软件。 多款Cisco产品中的IOS ROMMON Software存在权限许可和访问控制漏洞,该漏洞源于受影响的软件中存在隐藏的命令。本地攻击者可利用该漏洞绕过Cisco Secure Boot技术的签名验证检测并在受影响的设备上加载未经Cisco电子签名的任意软件映
CVSS Information
N/A
Vulnerability Type
N/A