Cisco UCS Manager: CVE-2024-20397: Cisco NX-OS Software Image Verification Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:N/C:P/I:C/A:N) | Dec 4, 2024 | Dec 5, 2024 | Apr 1, 2026 |
Description
A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.
This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.
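Because a successful exploit ends with an unverified image being loaded, one check a practitioner can run alongside patching is to compare the digest of each NX-OS image present on bootflash against the checksum Cisco publishes on the Software Download page for that file. The script below is an added example and is not Cisco, Rapid7 or NX-OS code. It assumes the digest is collected with `show file bootflash:<image> sha512sum` and that the command prints the digest as a single 128-hex-character token; the known-good table and the sample outputs are constructed placeholders, not real Cisco checksums. This detects a replaced or unknown image file; it does not detect tampered bootloader settings themselves, so it complements the upgrade rather than replacing it.

```python
"""Audit NX-OS image files on bootflash against vendor-published SHA-512
checksums.  Added example; not Cisco or Rapid7 code."""
import re
from typing import Dict, Optional

# Matches a bare SHA-512 digest (128 hex characters) anywhere in the output.
HEX512 = re.compile(r"\b[0-9a-fA-F]{128}\b")

# Constructed placeholder digests, NOT real Cisco checksums.  In practice,
# fill this from the SHA-512 values shown on the Cisco Software Download
# page for every image you deploy.
KNOWN_GOOD: Dict[str, str] = {
    "nxos64-cs.10.3.4a.M.bin": "0f" * 64,
    "nxos64-cs.10.2.6.M.bin": "1e" * 64,
}


def parse_sha512_output(text: str) -> Optional[str]:
    """Extract the digest from `show file bootflash:<image> sha512sum` output
    (assumed form: the digest appears as one 128-hex token).  None if absent."""
    m = HEX512.search(text)
    return m.group(0).lower() if m else None


def classify_image(name: str, digest: Optional[str],
                   known_good: Dict[str, str] = KNOWN_GOOD) -> str:
    """Return one of 'ok', 'mismatch', 'unknown-image', 'no-digest'.

    'unknown-image' is reported, not silently accepted: an image that is not
    in your approved list deserves the same attention as a bad hash."""
    if digest is None:
        return "no-digest"
    expected = known_good.get(name)
    if expected is None:
        return "unknown-image"
    return "ok" if expected.lower() == digest.lower() else "mismatch"


def audit(observations: Dict[str, str],
          known_good: Dict[str, str] = KNOWN_GOOD) -> Dict[str, str]:
    """observations maps image filename -> raw output of the sha512sum command."""
    return {name: classify_image(name, parse_sha512_output(out), known_good)
            for name, out in observations.items()}


# Constructed sample command output: one genuine image, one whose digest does
# not match, and one file that is not on the approved list at all.
SAMPLE_OUTPUT: Dict[str, str] = {
    "nxos64-cs.10.3.4a.M.bin": "0f" * 64 + "\n",
    "nxos64-cs.10.2.6.M.bin": "de" * 64 + "\n",
    "nxos64-cs.9.3.99.bin": "ab" * 64 + "\n",
}

if __name__ == "__main__":
    for image, verdict in audit(SAMPLE_OUTPUT).items():
        print(f"{image}: {verdict}")
```

Anything other than `ok` on a fabric interconnect or NX-OS switch should be treated as an incident lead: pull the file, confirm the digest independently, and review who had administrative or physical access to the device.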
Solution
cisco-ucs-manager-upgrade-latest (upgrade Cisco UCS Manager to the latest release)
References
- CVE-2024-20397
- https://attackerkb.com/topics/CVE-2024-20397
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-18112
- CISCO-cisco-sa-nxos-image-sig-bypas-pQDRQvjL
- CWE-284
- EUVD-EUVD-2024-18112