| Vulnerability Name | Unsigned Code Execution Vulnerability in Cisco IOS XR Software |
| Severity Rating | HIGH |
| Software Affected | Cisco IOS XR 64-bit Software |
| CVE Name | CVE-2020-3284 |
Overview
A Vulnerability has been reported in Cisco IOS XR 64-bit Software which could allow an authenticated, local attacker to execute unsigned code during the PXE boot process on an affected device.
Description
A vulnerability exists in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. Successful exploitation of this vulnerability could allow an attacker to execute unsigned code on the affected device.
Solution
Apply appropriate updates as mentioned in:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
Vendor Information
CISCO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
References
CISCO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Note: Any unusual activity or attack should be reported immediately at incident@cert-in.org.in, cert.ksitm@kerala.gov.in with the relevant logs for analysis and taking further appropriate actions.