6.8
CVE-2023-20082
- EPSS 0.13%
- Published 23.03.2023 17:15:14
- Last modified 21.11.2024 07:40:30
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables in the Serial Peripheral Interface (SPI) flash memory of an affected device. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Note: In Cisco IOS XE Software releases 16.11.1 and later, the complexity of an attack using this vulnerability is high. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software on a device to a release that would lower the attack complexity.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Version < 17.3.7
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Ios Xe Version >= 17.4 < 17.6.5
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Ios Xe Version17.7
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.341 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@cisco.com | 6.1 | 0.9 | 5.2 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.