Cisco has identified a critical vulnerability in the iPXE boot function of its IOS XR software. This vulnerability stems from insufficient image verification during the iPXE boot process, which could allow an authenticated, local attacker to install an unverified software image on affected devices.
An attacker could exploit this vulnerability by manipulating boot parameters, potentially booting an unverified software image on the device.
Cisco has issued software updates to address this security flaw, but no workarounds are currently available.
“This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device.”
“A successful exploit could allow the attacker to boot an unverified software image on the affected device.” Cisco said.
Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – [Free Download](https://go.cynet.com/cybersecurity-planning-checklist-2024?utm_source=cyber_security_news&utm_medium=display_ad&utm_campaign=Q3-sponsored-content)
Affected Products
The vulnerability affects several Cisco products running specific versions of IOS XR Software, including:
-
8000 Series Routers
-
ASR 9000 Series Aggregation Services Routers
-
Network Convergence System (NCS) 540, 560, 1000, 4000, 5000, 5500, and 5700 Series Routers
For detailed information about vulnerable software releases, refer to the Fixed Software section of the advisory.
Cisco has confirmed that the following products are not affected by this vulnerability:
-
IOS Software
-
IOS XE Software
-
NX-OS Software
Software Updates and Recommendations
Cisco advises customers to regularly consult the Cisco Security Advisories page to determine their exposure and to find a complete upgrade solution.
Before upgrading, ensure that devices have sufficient memory and that current configurations will be supported by the new release. Customers with questions should contact the Cisco Technical Assistance Center (TAC) or their maintenance providers.
The table below outlines the first fixed releases for affected Cisco platforms:
Cisco PlatformFirst Fixed Release8000 Series Routers7.10.1ASR 9000 Series Lightspeed-based24.1.1ASR 990124.3.1ASR 990324.3.1NCS 56024.2.1NCS 100424.1.1NCS 55007.10.1NCS 57007.10.1
There are no fixes for ASR 9000 Series Tomahawk-based line cards, NCS 1001, and NCS 4000.
No public announcements or reports of malicious exploitation of this vulnerability have been made. The Cisco Product Security Incident Response Team (PSIRT) continues to monitor the situation.
The complete advisory can be accessed here for further details. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication.
Follow us over X and LinkedIn for Daily Cyber Security News and Research Updates
Also Read:
Cisco Software Manager Password Change Vulnerability Let Hackers Change password
Microsoft Entra ID (Azure AD) Vulnerability Let Attackers Gain Global Admin Access
AMD Patches Multiple Memory Vulnerabilities That Leads Corrupt The Guest VM
