cisco-sa-ap-foverwrt-HyVXvrtb: Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability
First published: Wed Mar 24 2021(Updated: )
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb
Credit: Chris Bellows Atredis PartnersHD Moore Rumble
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wireless LAN Controller Software | >=8.6 - 8.9<=8.10<8.10.130.0>=8.4 and earlier<=8.5<8.5.171.0 | 8.10.130.0 8.5.171.0 |
| Cisco Catalyst 9800 Controller Software | >=16.11 and earlier<=16.12<16.12.5 | 16.12.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Cisco Aironet Access Points vulnerability?
The vulnerability ID for this Cisco Aironet Access Points vulnerability is cisco-sa-ap-foverwrt-HyVXvrtb.
What is the severity of vulnerability cisco-sa-ap-foverwrt-HyVXvrtb?
The severity of vulnerability cisco-sa-ap-foverwrt-HyVXvrtb is medium with a severity value of 4.4.
How can an attacker exploit the Cisco Aironet Access Points vulnerability?
An attacker can exploit the Cisco Aironet Access Points vulnerability by using a specific command to overwrite files in the device's flash memory.
Which software versions are affected by vulnerability cisco-sa-ap-foverwrt-HyVXvrtb?
The affected software versions for vulnerability cisco-sa-ap-foverwrt-HyVXvrtb are: - Cisco Wireless LAN Controller Software versions 8.4 and earlier, 8.6 - 8.9, and up to 8.10 (excluding 8.10.130.0) - Catalyst 9800 Controller Software versions 16.11 and earlier, up to 16.12 (excluding 16.12.5).
Is there a remedy available for vulnerability cisco-sa-ap-foverwrt-HyVXvrtb?
Yes, there are remedies available for vulnerability cisco-sa-ap-foverwrt-HyVXvrtb. For Cisco Wireless LAN Controller Software, versions 8.10.130.0 and 8.5.171.0, and for Catalyst 9800 Controller Software, version 16.12.5.
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/tags
- agent/type
- agent/title
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco wireless lan controller software
- version/cisco wireless lan controller software/8.6 - 8.9
- version/cisco wireless lan controller software/8.10
- version/cisco wireless lan controller software/8.4 and earlier
- version/cisco wireless lan controller software/8.5
- canonical/cisco catalyst 9800 controller software
- version/cisco catalyst 9800 controller software/16.11 and earlier
- version/cisco catalyst 9800 controller software/16.12