Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with. This image would have been previously downloaded onto the targeted device. A successful exploit could allow the attacker to load the image once. The Cisco Secure Boot functionality is not permanently compromised.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
违背信任边界
Vulnerability Title
Cisco Access Point 安全漏洞
Vulnerability Description
Cisco Access Point是美国思科(Cisco)公司的一款网络接入点设备。为小型办公室提供高密度无线连接。 Cisco Access Point Software 存在安全漏洞,该漏洞源于启动过程中的漏洞可能允许未经身份验证的物理攻击者绕过思科安全启动功能并加载受影响设备上已被篡改的软件映像。
CVSS Information
N/A
Vulnerability Type
N/A