Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability [Updated – CVE-2023-20064]
CVE number = CVE-2023-20064 (Updated 13/11/2024)
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line.
This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed.
An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled.
A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Vulnerable Products
At the time of publication, this vulnerability affected the following Cisco devices if they were running a vulnerable release of Cisco IOS XR Software:
- ASR 9000 Series Aggregation Services Routers (64-bit) (CSCwd35552)
- IOS XR White box (IOSXRWBD) (CSCwd35552)
- IOS XRv 9000 Routers (CSCwd35552)
- Network Convergence System (NCS) 540 Series Routers (CSCwd35552)
- NCS 560 Series Routers (CSCwd35552)
- NCS 1001 Series Routers (CSCwd35552)
- NCS 1002 Series Routers (CSCwd35552)
- NCS 1004 Series Routers (CSCwd35552)
- NCS 4000 Series Routers (CSCwc97333)
- NCS 5000 Series Routers (CSCwd35552)
- NCS 5500 Series Routers (CSCwd35552)
- NCS 5700 Series Routers (CSCwd35552)
- NCS 6000 Series Routers (CSCwc97332)
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq
Blogger at www.systemtek.co.uk