[CIVN-2025-0226] Secure Boot Bypass Vulnerability in CISCO
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Systems Affected
1000 Series Integrated Services Routers 17.8.1
1100 Terminal Services Gateways 17.7.1
4000 Series Integrated Services Routers 17.3.1
8100 Series Secure Routers 17.15.1
8400 Series Secure Routers 17.12.1
ASR 1000 Series Aggregation Services Routers 17.7.1
C8375-E-G2 Platforms 17.15.3
Catalyst IE3300 Rugged Series Routers 17.12.1
Catalyst IR1100 Rugged Series Routers 17.13.1
Catalyst IR8100 Heavy Duty Series Routers 17.4.1
Catalyst IR8300 Rugged Series Routers 17.7.1
Catalyst 8200 Series Edge Platforms 17.8.1
Catalyst 8300 Series Edge Platforms 17.8.1
Catalyst 8500L Edge Platforms 17.8.1
Catalyst 9200 Series Switches 17.8.1
Embedded Services 3300 Series 17.12.1
VG410 Analog Voice Gateways 17.17.1
Overview
Multiple vulnerabilities have been reported in Cisco IOS XE Software that could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust.
Target Audience:
All IT administrators and individuals responsible for maintaining and updating Cisco IOS XE Software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
These vulnerabilities exist due to improper validation of software packages. An attacker could exploit these vulnerabilities by placing a crafted file into a specific location on an affected device.
Successful exploitation of these vulnerabilities could allow the attacker to execute persistent code on the underlying operating system.
Solution
Apply the appropriate updates as mentioned in the Cisco advisory:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
CVE Name
CVE-2025-20313
CVE-2025-20314
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003