Cosmo Physical Access Vulnerabilities: USB/JTAG/GRUB Privilege Escalation and Firmware Tampering (CVE-2025-59694-59703)

Critical Vulnerability Information Vulnerability Overview CVSS Score: 8.2 CVE ID: CVE-2025-59705 Severity: High Affected Versions Affected Versions: 12.80.4-274-813026a Patched Versions: v13.6.12 and v13.9.0 Vulnerability List and Descriptions 1. Front USB Port Vulnerability - CVE: CVE-2025-59705 - Description: Attacker can enable USB access during boot, leading to root access and potential modification of the appliance. 2. JTAG Firmware Modification - CVE: CVE-2025-59694 - Description: Firmware and storage can be accessed and modified via JTAG. 3. Boot Chain Protection - CVE: CVE-2025-59694 - Description: Unprotected boot chain allows persistent firmware modifications. 4. Unverified Firmware Upgrades - CVE: CVE-2025-59695 - Description: Attacker can modify Cosmo firmware remotely. 5. Unprotected Boot Chain - CVE: CVE-2025-59696 - Description: Tamper log can be edited to hide or modify tamper events. 6. Unsecured GRUB - CVE: CVE-2025-59697 - Description: GRUB can be used to gain root access by editing the kernel arguments. 7. EOL Software Vulnerabilities - CVE: CVE-2025-59698 - Description: GRUB 0.97 EOL with known vulnerabilities can be exploited. 8. USB Boot Without Authentication - CVE: CVE-2025-59699 - Description: USB drive with a valid root filesystem can grant root access. 9. Recovery Partition Editable - CVE: CVE-2025-59700 - Description: Recovery partition can be modified with root access. 10. Unencrypted and Unverified SSD - CVE: CVE-2025-59701 - Description: SSD can be read and modified with physical access. 11. Tamper Log Output Modification - CVE: CVE-2025-59702 - Description: Tamper log display can be altered, showing no tamper events irrespective of actual tampering. 12. Tamper Label Removable - CVE: CVE-2025-59703 - Description: Tamper-evident label can be removed without leaving traces. 13. BIOS Setup Unsecured - CVE: CVE-2025-59704 - Description: USB access during boot allows entry into the BIOS setup, altering security settings. Timeline Reported: 06/23/2025 Fixed: 08/22/2025 Disclosed: 09/22/2025 Credit Credit: Daniel Burian, Michael Wünsch

Goal Reached Thanks to every supporter — we hit 100%!

Cosmo Physical Access Vulnerabilities: USB/JTAG/GRUB Privilege Escalation and Firmware Tampering (CVE-2025-59694-59703)

More from this source