CVE-2023-20082

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches versions prior to 16.11.1

Description A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This issue arises from errors in retrieving the public release key used for image signature verification. An attacker could exploit this by modifying specific variables in the Serial Peripheral Interface (SPI) flash memory of an affected device, potentially allowing the execution of persistent code on the underlying operating system.

Recommendations For versions prior to 16.11.1, consider updating to Cisco IOS XE Software release 16.11.1 or later to increase the complexity of an attack using this vulnerability. As a temporary workaround, restrict access to the device to prevent attackers from downgrading the software to a version with lower attack complexity. Additionally, limit privileges to prevent attackers with level-15 privileges from easily downgrading the Cisco IOS XE Software.