Detections
Analytics

Cisco IOS Software for Catalyst 2960X 2960XR 2960CX 3560CX Series Switches Secure Boot Bypass (cisco-sa-c2960-3560-sboot-ZtqADrHq)

medium Nessus Plugin ID 235487

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS is affected by a vulnerability.

 - A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to missing signature verification for specific files that may be loaded during the device boot process. An attacker could exploit this vulnerability by placing a crafted file into a specific location on an affected device. A successful exploit could allow the attacker to execute arbitrary code at boot time. Because this allows the attacker to bypass a major security feature of the device, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.
 (CVE-2025-20181)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvd75918

See Also

http://www.nessus.org/u?36d09f82

http://www.nessus.org/u?564dd2a1

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd75918

Plugin Details

Severity: Medium

ID: 235487

File Name: cisco-sa-c2960-3560-sboot-ZtqADrHq-ios.nasl

Version: 1.2

Type: combined

Family: CISCO

Published: 5/7/2025

Updated: 5/9/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-20181

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version, Host/Cisco/IOS/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 5/7/2025

Vulnerability Publication Date: 5/7/2025

Reference Information

CVE: CVE-2025-20181

CWE: 347

CISCO-SA: cisco-sa-c2960-3560-sboot-ZtqADrHq

IAVA: 2025-A-0318

CISCO-BUG-ID: CSCvd75918