CWE
284
Advisory Published
Updated

CVE-2021-1449: Cisco Access Point Software Arbitrary Code Execution Vulnerability

First published: Wed Mar 24 2021(Updated: )

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Aironet Access Point Software
Cisco 1100 Integrated Services Router
Cisco Aironet 1540
Cisco Aironet 1560
Cisco Aironet 1800
Cisco Aironet 2800
Cisco Aironet 3800
Cisco Aironet 4800
Cisco Catalyst 9100
Cisco Catalyst Iw6300
Cisco Esw6300
Cisco Catalyst 9800 Firmware<16.12.5
Cisco Catalyst 9800 Firmware>=17.1<17.3.3
Cisco Catalyst 9800 Firmware>=17.4<17.5.1
Cisco Catalyst 9800
Cisco Wireless LAN Controller Software<8.5.171.0
Cisco Wireless LAN Controller Software>=8.6<8.10.150.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2021-1449?

    CVE-2021-1449 is a vulnerability in the boot logic of Cisco Access Points Software that allows an authenticated local attacker to execute unsigned code at boot time.

  • What software does CVE-2021-1449 affect?

    CVE-2021-1449 affects Cisco Aironet Access Point Software, Cisco Catalyst 9800 Firmware, and Cisco Wireless LAN Controller Software.

  • How severe is CVE-2021-1449?

    CVE-2021-1449 has a severity rating of 6.7, which is considered medium.

  • How can an attacker exploit CVE-2021-1449?

    An attacker can exploit CVE-2021-1449 by executing unsigned code at boot time.

  • Where can I find more information about CVE-2021-1449?

    You can find more information about CVE-2021-1449 in the Cisco Security Advisory.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203