What is the severity of CVE-2021-1309?

The severity of CVE-2021-1309 is high with a CVSS score of 8.8.

Which Cisco routers are affected by CVE-2021-1309?

Cisco Small Business RV Series Routers with specific firmware versions: 1.0.0.14, 1.0.1.14, and 1.0.1.20.

How can I fix CVE-2021-1309?

Update the firmware of the affected Cisco Small Business RV Series Routers to a version that includes the necessary security patches.

Vulnerability/
CVE-2021-1309

high

8.8

CWE

401 119

8/4/2021

8/11/2024

CVE-2021-1309: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

First published: Thu Apr 08 2021(Updated: )

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco RV132W Firmware	=1.0.0.14
Cisco RV132W Firmware	=1.0.1.14
Cisco RV132W Firmware	=1.0.1.20
Cisco RV132W Firmware
Cisco RV134W Firmware	=1.0.0.14
Cisco RV134W Firmware	=1.0.1.14
Cisco RV134W Firmware	=1.0.1.20
Cisco RV134W Firmware
Cisco RV160W Firmware	=1.0.0.14
Cisco RV160W Firmware	=1.0.1.14
Cisco RV160W Firmware	=1.0.1.20
Cisco RV160W Firmware
Cisco RV160W Firmware	=1.0.0.14
Cisco RV160W Firmware	=1.0.1.14
Cisco RV160W Firmware	=1.0.1.20
Cisco RV160W Firmware
Cisco RV260 Firmware	=1.0.0.14
Cisco RV260 Firmware	=1.0.1.14
Cisco RV260 Firmware	=1.0.1.20
Cisco RV260W
Cisco RV260P Firmware	=1.0.0.14
Cisco RV260P Firmware	=1.0.1.14
Cisco RV260P Firmware	=1.0.1.20
Cisco RV260P Firmware
Cisco RV260W Firmware	=1.0.0.14
Cisco RV260W Firmware	=1.0.1.14
Cisco RV260W Firmware	=1.0.1.20
Cisco RV260W Firmware
Cisco RV340W Firmware	=1.0.0.14
Cisco RV340W Firmware	=1.0.1.14
Cisco RV340W Firmware	=1.0.1.20
Cisco RV340W Firmware
Cisco RV340W Firmware	=1.0.0.14
Cisco RV340W Firmware	=1.0.1.14
Cisco RV340W Firmware	=1.0.1.20
Cisco RV340W Firmware
Cisco RV345 Firmware	=1.0.0.14
Cisco RV345 Firmware	=1.0.1.14
Cisco RV345 Firmware	=1.0.1.20
Cisco RV345P Firmware
Cisco RV345P Firmware	=1.0.0.14
Cisco RV345P Firmware	=1.0.1.14
Cisco RV345P Firmware	=1.0.1.20
Cisco RV345P Firmware

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe

Frequently Asked Questions

What is CVE-2021-1309?
CVE-2021-1309 is a vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers.
What is the severity of CVE-2021-1309?
The severity of CVE-2021-1309 is high with a CVSS score of 8.8.
How can an attacker exploit CVE-2021-1309?
An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload.
Which Cisco routers are affected by CVE-2021-1309?
Cisco Small Business RV Series Routers with specific firmware versions: 1.0.0.14, 1.0.1.14, and 1.0.1.20.
How can I fix CVE-2021-1309?
Update the firmware of the affected Cisco Small Business RV Series Routers to a version that includes the necessary security patches.

agent/type
agent/references
agent/author
agent/weakness
agent/description
agent/severity
agent/title
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco rv132w firmware
version/cisco rv132w firmware/1.0.0.14
version/cisco rv132w firmware/1.0.1.14
version/cisco rv132w firmware/1.0.1.20
canonical/cisco rv134w firmware
version/cisco rv134w firmware/1.0.0.14
version/cisco rv134w firmware/1.0.1.14
version/cisco rv134w firmware/1.0.1.20
canonical/cisco rv160w firmware
version/cisco rv160w firmware/1.0.0.14
version/cisco rv160w firmware/1.0.1.14
version/cisco rv160w firmware/1.0.1.20
canonical/cisco rv260 firmware
version/cisco rv260 firmware/1.0.0.14
version/cisco rv260 firmware/1.0.1.14
version/cisco rv260 firmware/1.0.1.20
canonical/cisco rv260w
canonical/cisco rv260p firmware
version/cisco rv260p firmware/1.0.0.14
version/cisco rv260p firmware/1.0.1.14
version/cisco rv260p firmware/1.0.1.20
canonical/cisco rv260w firmware
version/cisco rv260w firmware/1.0.0.14
version/cisco rv260w firmware/1.0.1.14
version/cisco rv260w firmware/1.0.1.20
canonical/cisco rv340w firmware
version/cisco rv340w firmware/1.0.0.14
version/cisco rv340w firmware/1.0.1.14
version/cisco rv340w firmware/1.0.1.20
canonical/cisco rv345 firmware
version/cisco rv345 firmware/1.0.0.14
version/cisco rv345 firmware/1.0.1.14
version/cisco rv345 firmware/1.0.1.20
canonical/cisco rv345p firmware
version/cisco rv345p firmware/1.0.0.14
version/cisco rv345p firmware/1.0.1.14
version/cisco rv345p firmware/1.0.1.20

CVE-2021-1309: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-1309?

What is the severity of CVE-2021-1309?

How can an attacker exploit CVE-2021-1309?

Which Cisco routers are affected by CVE-2021-1309?

How can I fix CVE-2021-1309?

Company

Resources

Contact