Cisco Firepower Threat Defense (FTD) Secure Boot Hardware Tampering Vulnerability (cisco-sa-20190513-secureboot)

medium Nessus Plugin ID 125341

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its version, the Cisco Firepower Threat Defense (FTD) software installed on the remote host is affected by a vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component.
This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image.

Please see the included Cisco BIDs and Cisco Security Advisory for more information

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvn77248

See Also

http://www.nessus.org/u?e13bd4a7

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn77248

Plugin Details

Severity: Medium

ID: 125341

File Name: cisco-sa-20190513-secureboot-ftd.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 5/23/2019

Updated: 5/27/2024

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-1649

CVSS v3

Risk Factor: Medium

Base Score: 6.7

Temporal Score: 6

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:firepower, cpe:/a:cisco:firepower_threat_defense

Required KB Items: installed_sw/Cisco Firepower Threat Defense, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/13/2019

Vulnerability Publication Date: 5/13/2019

Reference Information

CVE: CVE-2019-1649

CWE: 284

CISCO-SA: cisco-sa-20190513-secureboot

IAVA: 2019-A-0177

CISCO-BUG-ID: CSCvn77248