cisco-sa-ap-privesc-wEVfp8Ud: Cisco Access Point Software Arbitrary Code Execution Vulnerability
First published: Wed Mar 24 2021(Updated: )
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wireless LAN Controller Software | >=8.6 - 8.9<=8.10<8.10.150.0=8.5 and earlier<8.5.171.0 | 8.10.150.0 8.5.171.0 |
| Cisco Catalyst 9800 Wireless Controller Software | >=17.1=17.2<=17.3<17.3.3=16.12 and earlier<16.12.5 | 17.3.3 16.12.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-ap-privesc-wEVfp8Ud?
The severity of cisco-sa-ap-privesc-wEVfp8Ud is medium with a CVSS score of 6.7.
How can an attacker exploit cisco-sa-ap-privesc-wEVfp8Ud?
An attacker can exploit cisco-sa-ap-privesc-wEVfp8Ud by executing unsigned code at boot time on a Cisco Access Point.
Which Cisco products are affected by cisco-sa-ap-privesc-wEVfp8Ud?
Cisco Wireless LAN Controller Software (versions 8.5 and earlier, 8.6 - 8.9 up to 8.10.150.0), and Cisco Catalyst 9800 Wireless Controller Software (versions 16.12 and earlier, 17.1 - 17.3 up to 17.3.3) are affected by cisco-sa-ap-privesc-wEVfp8Ud.
How can I fix cisco-sa-ap-privesc-wEVfp8Ud?
To fix cisco-sa-ap-privesc-wEVfp8Ud, update the affected Cisco software versions to the recommended remediation versions (8.10.150.0 or 8.5.171.0 for Wireless LAN Controller Software, and 17.3.3 or 16.12.5 for Catalyst 9800 Wireless Controller Software).
Where can I find more information about cisco-sa-ap-privesc-wEVfp8Ud?
More information about cisco-sa-ap-privesc-wEVfp8Ud can be found at the Cisco Security Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/title
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/event
- vendor/cisco
- canonical/cisco wireless lan controller software
- version/cisco wireless lan controller software/8.6 - 8.9
- version/cisco wireless lan controller software/8.10
- version/cisco wireless lan controller software/8.5 and earlier
- canonical/cisco catalyst 9800 wireless controller software
- version/cisco catalyst 9800 wireless controller software/17.1
- version/cisco catalyst 9800 wireless controller software/17.2
- version/cisco catalyst 9800 wireless controller software/17.3
- version/cisco catalyst 9800 wireless controller software/16.12 and earlier