Cisco has revealed a high-rated vulnerability in its Catalyst 9300 switch software that could allow persistent code to be installed by an attacker at boot time.
The bug, detailed here, requires “level-15 privileges”, or “an unauthenticated attacker with physical access” to be exploited.
That means a bad actor in the supply chain – for example, compromised reseller staff – could “execute persistent code at boot time and break the chain of trust”.
“This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification," the advisory stated.
The switches are vulnerable if they’re running IOS XE software using an IOS XE ROM Monitor earlier than Release 17.3.7r, Release 17.6.5r, or Release 17.8.1r.
The bug was one of nine high-rated and nine medium-rated vulnerabilities disclosed today, including six related to the company’s IOS and IOS XE software.
