How severe is CVE-2022-20826?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2022-20826?

This is classified as CWE-501, which is a common weakness in software security.

CVE-2022-20826

MEDIUM Year: 2022

CVSS v3 Score

6.8

Medium

Weakness Type

CWE-501

View all →

Vulnerability Description

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust.

CVE-2019-0035

MEDIUM

CVSS:6.8(Medium)

When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-passw...

CWE-5012019

CVE-2020-15096

MEDIUM

CVSS:6.8(Medium)

In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated ...

CWE-5012020

CVE-2024-1725

MEDIUM

CVSS:6.5(Medium)

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's v...

CWE-5012024

CVE-2023-28597

HIGH

CVSS:7.5(High)

Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web por...

CWE-5012023

CVE-2024-9779

HIGH

CVSS:7.5(High)

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service ...

CWE-5012024

CVE-2024-20265

MEDIUM

CVSS:5.9(Medium)

A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that h...

CWE-5012024

CVE-2022-20826

Vulnerability Description

Related Vulnerabilities

CVE-2019-0035

CVE-2020-15096

CVE-2024-1725

CVE-2023-28597

CVE-2024-9779

CVE-2024-20265