{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:01:07.721","vulnerabilities":[{"cve":{"id":"CVE-2020-3455","sourceIdentifier":"psirt@cisco.com","published":"2020-10-21T19:15:16.170","lastModified":"2024-11-21T05:31:06.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots."},{"lang":"es","value":"Una vulnerabilidad en el proceso de arranque seguro de Cisco FXOS Software, podría permitir a un atacante local autenticado omitir los mecanismos de arranque seguro. La vulnerabilidad es debido a unas protecciones insuficientes del proceso de arranque seguro. Un atacante podría explotar esta vulnerabilidad al inyectar código en un archivo específico al que luego se hace referencia durante el proceso de arranque del dispositivo. Una explotación con éxito podría permitir a un atacante romper la cadena de confianza e inyectar código en el proceso de arranque del dispositivo que podría ser ejecutado en cada arranque y mantendría la persistencia entre los reinicios"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.1.268","matchCriteriaId":"5E2D2653-311F-4D73-8331-2F7FC8462F30"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6","versionEndExcluding":"2.6.1.214","matchCriteriaId":"22DB1993-7E30-4E53-9572-38D226656C8F"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"2.7","versionEndExcluding":"2.7.1.131","matchCriteriaId":"C2E8A64D-C8E2-4030-8616-D47741E43E3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*","matchCriteriaId":"A0CBC7F5-7767-43B6-9384-BE143FCDBD7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*","matchCriteriaId":"957D64EB-D60E-4775-B9A8-B21CA48ED3B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*","matchCriteriaId":"A694AD51-9008-4AE6-8240-98B17AB527EE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*","matchCriteriaId":"38AE6DC0-2B03-4D36-9856-42530312CC46"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*","matchCriteriaId":"71DCEF22-ED20-4330-8502-EC2DD4C9838F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB2822B-B752-4CD9-A178-934957E306B4"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*","matchCriteriaId":"81F4868A-6D62-479C-9C19-F9AABDBB6B24"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*","matchCriteriaId":"65378F3A-777C-4AE2-87FB-1E7402F9EA1B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*","matchCriteriaId":"18048A84-BA0F-48EF-AFFB-635FF7F70C66"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*","matchCriteriaId":"317DF3DD-C7CD-4CA2-804F-A738E048BEB4"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*","matchCriteriaId":"C13CF29B-9308-452B-B7E0-9E818B5A6C1E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*","matchCriteriaId":"6DB527C2-855E-4BB9-BCA7-94BE86100D44"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*","matchCriteriaId":"E82C1B05-990D-49D2-B80A-C3EDD4082840"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*","matchCriteriaId":"421D91C3-8AB3-45E1-9E55-13ED1A4A623E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*","matchCriteriaId":"2D741945-8B0A-408D-A5FE-D5B38DC6D46A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*","matchCriteriaId":"9308CA67-E949-4338-A890-22B3C4428D70"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn","source":"psirt@cisco.com","tags":["Patch","Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}