Cisco Family July 2024 First Round Security Update Advisory

Overview

 

Cisco(https://www.cisco.com) has released a security update that fixes vulnerabilities in their supplied products. Users of affected systems are advised to update to the latest version.

 

Affected Products

 

Cisco Adaptive Security Appliance (ASA) Software

Cisco IOS XR Software

 

Resolved Vulnerabilities

 

Vulnerability to control boot configuration due to an error in the software build process in Cisco IOS XR Software (CVE-2024-20456, CVSS 6.7) [1]

 

Vulnerability Patches

 

Product-specific Vulnerability Patches were made available in the 07/10/2024 update. please refer to the ‘Affected Products’ and ‘Fixed Software’ in the product-specific information in the Referenced Sites below to apply the patches.

 

Referenced Sites

 

[1] Cisco IOS XR Software Secure Boot Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-secure-boot-quD5g8Ap