Cisco Releases Patches for 3 New Critical Flaws Affecting IOS XE Software

Cisco Systems has released patches to address 3 new critical flaws affecting IOS XE networking software. Bad actors can potentially exploit these flaws in IOS XE software to execute arbitrary code with administrative privileges and trigger a denial-of-service (DoS) condition on vulnerable devices.

The 3 new critical flaws are as follows:

  • CVE-2021-34770 (CVSS score: 10.0) – Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability
  • CVE-2021-34727 (CVSS score: 9.8) – Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability
  • CVE-2021-1619 (CVSS score: 9.8) – Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability

Of the flaws listed above, CVE-2021-34770 is the most severe. Cisco calls it a “logic error” that occurs during the processing of CAPWAP (Control And Provisioning of Wireless Access Points) packets, which enable a central wireless controller to manage a group of wireless access points.

According to Cisco, “An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload, resulting in a DoS condition.”

CVE-2021-34727, meanwhile, concerns an insufficient bounds check when accepting incoming network traffic to the device. An attacker can exploit it by transmitting specially crafted traffic, which can result in the execution of arbitrary code with root-level privileges or cause the device to reload. The flaw impacts devices with the SD-WAN feature enabled, such as 1000 Series Integrated Services Routers (ISRs), 4000 Series ISRs, ASR 1000 Series Aggregation Services Routers, and Cloud Services Router 1000V Series.

Finally, CVE-2021-1619 is linked to an “uninitialized variable” in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software. It can permit an authenticated, remote adversary to “install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting in a DoS.”

Cisco also addressed another 15 high-severity vulnerabilities and 15 medium-severity flaws affecting different components of the IOS XE software, as well as the Cisco Access Points platform and Cisco SD-WAN vManage Software. The company has advised its users and administrators to apply the required updates to mitigate the risk of exploitation by malicious actors.
