CVE-2020-3455

Name of the Vulnerable Software and Affected Versions Cisco FXOS Software (affected versions not specified)

Description A vulnerability in the secure boot process could allow an authenticated, local attacker to bypass the secure boot mechanisms due to insufficient protections. The attacker could exploit this by injecting code into a specific file referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust, inject code into the boot process, and maintain persistence across reboots.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.