Cisco IOS XR Software Secure Boot Bypass Vulnerability

A vulnerability exists in the boot process of Cisco IOS XR Software, allowing an authenticated local attacker with root-system privileges to bypass Secure Boot and load unverified software. This issue arises from inadequate verification of modules during the software loading process. An attacker could manipulate loaded binaries to evade integrity checks, potentially gaining control over the boot configuration. This could lead to bypassing the requirement for Cisco-signed images or altering the security properties of the running system.

Impact

Exploitation of this vulnerability could allow an attacker to load unverified software, bypassing Secure Boot and the requirement for Cisco-signed images. This could alter the security properties of the system or disrupt the integrity of the boot process.

Remediation

Cisco has released software updates to address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For those without service contracts, contact the Cisco Technical Assistance Center (TAC) for upgrades.