Cisco NX-OS Software Image Verification Bypass Vulnerability (CVE-2024-20397)

CVE number = CVE-2024-20397

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.

This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This vulnerability affects the following Cisco products if they are running a release of Cisco NX-OS Software that includes a vulnerable BIOS version, regardless of device configuration:

UCS 6500 Series Fabric Interconnects (CSCwj35846)

MDS 9000 Series Multilayer Switches (CSCwh76163)

Nexus 3000 Series Switches (CSCwm47438)

Nexus 7000 Series Switches (CSCwh76166)

Nexus 9000 Series Fabric Switches in ACI mode (CSCwn11901)

Nexus 9000 Series Switches in standalone NX-OS mode (CSCwm47438)

UCS 6400 Series Fabric Interconnects (CSCwj35846)

Further details at – https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL