CVE-2020-3308

MEDIUM

Cisco Firepower Threat Defense - Privilege Escalation

Title source: llm

Description

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP

Scores

CVSS v3 4.9

EPSS 0.0008

EPSS Percentile 23.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-347

Status published

Products (3)

cisco/firepower_threat_defense < 6.2.2.1

cisco/secure_firewall_management_center 6.2.2

cisco/secure_firewall_management_center 6.2.3

Published May 06, 2020

Tracked Since Feb 18, 2026