First published: Wed Mar 24 2021(Updated: )
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Aironet Access Point Software | ||
Cisco 1100 Integrated Services Router | ||
Cisco Aironet 1540 | ||
Cisco Aironet 1560 | ||
Cisco Aironet 1800 | ||
Cisco Aironet 2800 | ||
Cisco Aironet 3800 | ||
Cisco Aironet 4800 | ||
Cisco Catalyst 9100 | ||
Cisco Catalyst Iw6300 | ||
Cisco Esw6300 | ||
Cisco Catalyst 9800 Firmware | <16.12.5 | |
Cisco Catalyst 9800 Firmware | >=17.1<17.3.3 | |
Cisco Catalyst 9800 Firmware | >=17.4<17.5.1 | |
Cisco Catalyst 9800 | ||
Cisco Wireless LAN Controller Software | <8.5.171.0 | |
Cisco Wireless LAN Controller Software | >=8.6<8.10.150.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-1449 is a vulnerability in the boot logic of Cisco Access Points Software that allows an authenticated local attacker to execute unsigned code at boot time.
CVE-2021-1449 affects Cisco Aironet Access Point Software, Cisco Catalyst 9800 Firmware, and Cisco Wireless LAN Controller Software.
CVE-2021-1449 has a severity rating of 6.7, which is considered medium.
An attacker can exploit CVE-2021-1449 by executing unsigned code at boot time.
You can find more information about CVE-2021-1449 in the Cisco Security Advisory.