Details of VAR-202209-1879

ID

VAR-202209-1879

CVE

CVE-2022-20944

TITLE

Cisco Systems Cisco IOS XE Digital Signature Verification Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018911

DESCRIPTION

A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to boot a malicious software image or execute unsigned code and bypass the image verification check part of the boot process of the affected device. To exploit this vulnerability, the attacker needs either unauthenticated physical access to the device or privileged access to the root shell on the device. Note: In Cisco IOS XE Software releases 16.11.1 and later, root shell access is protected by the Consent Token mechanism. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software running on a device to a release where root shell access is more readily available. Cisco Systems Cisco IOS XE Exists in a digital signature verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Catalyst 9200 Series Switches is a switch made by Cisco (Cisco). Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. For a complete list of the advisories and links to them, see Cisco Event Response: September 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication

Trust: 2.25

sources: NVD: CVE-2022-20944 // JVNDB: JVNDB-2022-018911 // CNVD: CNVD-2022-91643 // VULMON: CVE-2022-20944

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-91643

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	-	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	eq	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst	scope:	eq	version:	9200	Trust: 0.6
vendor:	cisco	model:	catalyst c9200l-48pxg-2y	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200l-48pxg-4x	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200l-48t-4g	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200l-48t-4x	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200-24p	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200-24t	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst c9200-48p	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2022-91643 // JVNDB: JVNDB-2022-018911 // NVD: CVE-2022-20944

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20944
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20944
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-20944
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2022-91643
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202209-2909
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2022-91643
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-20944
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20944
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	0.9
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2022-20944
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-91643 // JVNDB: JVNDB-2022-018911 // CNNVD: CNNVD-202209-2909 // NVD: CVE-2022-20944 // NVD: CVE-2022-20944

PROBLEMTYPE DATA

problemtype:	CWE-347	Trust: 1.0
problemtype:	Improper verification of digital signatures (CWE-347) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018911 // NVD: CVE-2022-20944

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202209-2909

PATCH

title:	cisco-sa-ios-xe-cat-verify-D4NEQA6q	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cat-verify-D4NEQA6q	Trust: 0.8
title:	Patch for Cisco Catalyst 9200 Series Switch Data Forgery Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/384541	Trust: 0.6
title:	Cisco Catalyst 9200 Series Switches Repair measures for data forgery problem vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=209366	Trust: 0.6
title:	Cisco: Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ios-xe-cat-verify-D4NEQA6q	Trust: 0.1

sources: CNVD: CNVD-2022-91643 // VULMON: CVE-2022-20944 // JVNDB: JVNDB-2022-018911 // CNNVD: CNNVD-202209-2909

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20944	Trust: 3.9
db:	JVNDB	id:	JVNDB-2022-018911	Trust: 0.8
db:	CNVD	id:	CNVD-2022-91643	Trust: 0.6
db:	CNNVD	id:	CNNVD-202209-2909	Trust: 0.6
db:	VULMON	id:	CVE-2022-20944	Trust: 0.1

sources: CNVD: CNVD-2022-91643 // VULMON: CVE-2022-20944 // JVNDB: JVNDB-2022-018911 // CNNVD: CNNVD-202209-2909 // NVD: CVE-2022-20944

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-xe-cat-verify-d4neqa6q	Trust: 2.3
url:	https://vigilance.fr/vulnerability/cisco-ios-xe-catalyst-9200-code-execution-via-software-image-verification-39401	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20944	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-20944/	Trust: 0.6

sources: CNVD: CNVD-2022-91643 // VULMON: CVE-2022-20944 // JVNDB: JVNDB-2022-018911 // CNNVD: CNNVD-202209-2909 // NVD: CVE-2022-20944

SOURCES

db:	CNVD	id:	CNVD-2022-91643
db:	VULMON	id:	CVE-2022-20944
db:	JVNDB	id:	JVNDB-2022-018911
db:	CNNVD	id:	CNNVD-202209-2909
db:	NVD	id:	CVE-2022-20944

LAST UPDATE DATE

2024-08-14T15:27:05.130000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-91643	date:	2022-12-29T00:00:00
db:	JVNDB	id:	JVNDB-2022-018911	date:	2023-10-24T00:43:00
db:	CNNVD	id:	CNNVD-202209-2909	date:	2022-10-14T00:00:00
db:	NVD	id:	CVE-2022-20944	date:	2023-11-07T03:43:22.357

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-91643	date:	2022-12-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-018911	date:	2023-10-24T00:00:00
db:	CNNVD	id:	CNNVD-202209-2909	date:	2022-09-28T00:00:00
db:	NVD	id:	CVE-2022-20944	date:	2022-10-10T21:15:10.480