Name of the Vulnerable Software and Affected Versions:

Cisco BootROM (affected versions not specified)

Description:

In BootROM, a missing validation check for Certificate Type 0 may allow for local privilege escalation without requiring additional execution privileges.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.