CVE-2024-20265

Name of the Vulnerable Software and Affected Versions Cisco Access Point (AP) Software versions (affected versions not specified)

Description The issue is related to a security bypass in the boot process of Cisco Access Point (AP) Software. This could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. The vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.