Vulnerabilities > CVE-2021-1449 - Unspecified vulnerability in Cisco products

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

cisco

NVD

Published: 2021-03-24

Updated: 2023-11-07

Summary

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Aironet Access Point Software - Cisco Wireless LAN Controller Software 8.6 Cisco Wireless LAN Controller Software 8.7 Cisco Wireless LAN Controller Software 8.8. Cisco Wireless LAN Controller Software 8.8.120.0 Cisco Wireless LAN Controller Software 8.8.125.0 Cisco Wireless LAN Controller Software 8.9 Cisco Wireless LAN Controller Software 8.9.100.0 Cisco Wireless LAN Controller Software 8.9.111.0 Cisco Wireless LAN Controller Software 8.10 Cisco Wireless LAN Controller Software 8.10.105.0 Cisco Wireless LAN Controller Software 7.2.0 Cisco Wireless LAN Controller Software 7.4.0 Cisco Wireless LAN Controller Software 7.4.1.1 Cisco Wireless LAN Controller Software 7.4.1.19 Cisco Wireless LAN Controller Software 7.4.100.60 Cisco Wireless LAN Controller Software 7.5.0 Cisco Wireless LAN Controller Software 7.6.1.62 Cisco Wireless LAN Controller Software 7.6.110.0 Cisco Wireless LAN Controller Software 7.6.120.0 Cisco Wireless LAN Controller Software 7.6.130.0 Cisco Wireless LAN Controller Software 8.0.72.140 Cisco Wireless LAN Controller Software 8.0.100 Cisco Wireless LAN Controller Software 8.0.115.0 Cisco Wireless LAN Controller Software 8.0.120.0 Cisco Wireless LAN Controller Software 8.0.132.0 Cisco Wireless LAN Controller Software 8.0_Base Cisco Wireless LAN Controller Software 8.1\(111.0\) Cisco Wireless LAN Controller Software 8.1.0 Cisco Wireless LAN Controller Software 8.1.104.37 Cisco Wireless LAN Controller Software 8.1.111.0 Cisco Wireless LAN Controller Software 8.1.122.0 Cisco Wireless LAN Controller Software 8.3 Cisco Wireless LAN Controller Software 8.3\(141.0\) Cisco Wireless LAN Controller Software 8.5 Cisco Wireless LAN Controller Software 8.5\(120.0\) Cisco Wireless LAN Controller Software 8.5.151.0	37
Hardware	Cisco Cisco 1100 Integrated Services Router - Cisco Aironet 1540 - Cisco Aironet 1560 - Cisco Aironet 1800 - Cisco Aironet 2800 - Cisco Aironet 3800 - Cisco Aironet 4800 - Cisco Catalyst 9100 - Cisco Catalyst Iw6300 - Cisco Esw6300 - Cisco Catalyst 9800 -	11
OS	Cisco Cisco Catalyst 9800 Firmware 16.11 Cisco Catalyst 9800 Firmware 16.12 Cisco Catalyst 9800 Firmware 17.1 Cisco Catalyst 9800 Firmware 17.2 Cisco Catalyst 9800 Firmware 17.3 Cisco Catalyst 9800 Firmware 17.4	6

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud