^{CVE-2022-20944:}A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to boot a malicious software image or execute unsigned code and bypass the image verification check part of the boot process of the affected device. To exploit this vulnerability, the attacker needs either unauthenticated physical access to the device or privileged access to the root shell on the device. Note: In Cisco IOS XE Software releases 16.11.1 and later, root shell access is protected by the Consent Token mechanism. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software running on a device to a release where root shell access is more readily available.

Industry ExposureMost to least

This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

1. Manufacturing
   Manufacturing
2. Finance and Insurance
   Finance and Insurance
3. Management of Companies & Enterprises
   Management of Companies & Enterprises
4. Arts, Entertainment & Recreation
   Arts, Entertainment & Recreation
5. Health Care & Social Assistance
   Health Care & Social Assistance
6. Other Services (except Public Administration)
   Other Services (except Public Administration)
7. Professional, Scientific, & Technical Services
   Professional, Scientific, & Technical Services
8. Public Administration
   Public Administration
9. Real Estate Rental & Leasing
   Real Estate Rental & Leasing
10. Retail Trade
    Retail Trade
11. Transportation & Warehousing
    Transportation & Warehousing
12. Accommodation & Food Services
    Accommodation & Food Services
13. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
14. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
15. Construction
    Construction
16. Educational Services
    Educational Services
17. Information
    Information
18. Mining
    Mining
19. Utilities
    Utilities
20. Wholesale Trade
    Wholesale Trade