CVE-2021-34709: Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
First published: Thu Sep 09 2021(Updated: )
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XR | <7.3.2 | |
| Cisco 8101-32fh | ||
| Cisco 8101-32h | ||
| Cisco 8102-64h | ||
| Cisco 8201 | ||
| Cisco 8201-32fh | ||
| Cisco 8202 | ||
| Cisco 8800 12-slot | ||
| Cisco 8800 18-slot | ||
| Cisco 8800 4-slot | ||
| Cisco 8800 8-slot | ||
| Cisco IOS XR | >=7.4.0<7.4.1 | |
| Cisco N540-12z20g-sys-a | ||
| Cisco N540-12z20g-sys-d | ||
| Cisco N540-24z8q2c-m | ||
| Cisco N540-24z8q2c-sys | ||
| Cisco N540-28z4c-sys-a | ||
| Cisco N540-28z4c-sys-d | ||
| Cisco N540-acc-sys | ||
| Cisco N540x-12z16g-sys-a | ||
| Cisco N540x-12z16g-sys-d | ||
| Cisco N540x-16z4g8q2c-a | ||
| Cisco N540x-16z4g8q2c-d | ||
| Cisco N540x-acc-sys |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-34709?
The severity of CVE-2021-34709 is medium with a CVSS score of 6.4.
Which software versions are affected by CVE-2021-34709?
Cisco Network Convergence System (NCS) 540 Series Routers running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers up to version 7.3.2 are affected by CVE-2021-34709.
What is the vulnerability description of CVE-2021-34709?
CVE-2021-34709 is a vulnerability in the image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers and Cisco 8000 Series Routers, which allows an authenticated, local attacker to execute arbitrary code.
How can an attacker exploit CVE-2021-34709?
An authenticated, local attacker can exploit CVE-2021-34709 to execute arbitrary code.
Is Cisco 8101-32fh vulnerable to CVE-2021-34709?
No, Cisco 8101-32fh is not vulnerable to CVE-2021-34709.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/cisco
- canonical/cisco ios xr
- canonical/cisco 8101-32fh
- canonical/cisco 8101-32h
- canonical/cisco 8102-64h
- canonical/cisco 8201
- canonical/cisco 8201-32fh
- canonical/cisco 8202
- canonical/cisco 8800 12-slot
- canonical/cisco 8800 18-slot
- canonical/cisco 8800 4-slot
- canonical/cisco 8800 8-slot
- version/cisco ios xr/7.4.0
- canonical/cisco n540-12z20g-sys-a
- canonical/cisco n540-12z20g-sys-d
- canonical/cisco n540-24z8q2c-m
- canonical/cisco n540-24z8q2c-sys
- canonical/cisco n540-28z4c-sys-a
- canonical/cisco n540-28z4c-sys-d
- canonical/cisco n540-acc-sys
- canonical/cisco n540x-12z16g-sys-a
- canonical/cisco n540x-12z16g-sys-d
- canonical/cisco n540x-16z4g8q2c-a
- canonical/cisco n540x-16z4g8q2c-d
- canonical/cisco n540x-acc-sys