CVE-2021-1449
Last modified
CVE-2021-1449 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. EPSS estimates a 0.27% chance of exploitation in the next 30 days.
Description
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Aironet Access Point Software | All versions |
| Cisco | Catalyst 9800 Firmware | < 16.12.5 |
| Cisco | Catalyst 9800 Firmware | >= 17.1, < 17.3.3 |
| Cisco | Catalyst 9800 Firmware | >= 17.4, < 17.5.1 |
| Cisco | Wireless Lan Controller Software | < 8.5.171.0 |
| Cisco | Wireless Lan Controller Software | >= 8.6, < 8.10.150.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-1449?
How severe is CVE-2021-1449?
How do I fix CVE-2021-1449?
Are you affected by CVE-2021-1449?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST