Improper Verification of Cryptographic Signature in Cisco IOS XE Software for the Catalyst 9000 Family
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-1453 |
| CWE-ID | CWE-347 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Cisco IOS XE Operating systems & Components / Operating system Catalyst C9500-32C Switch Hardware solutions / Routers & switches, VoIP, GSM, etc Catalyst C9500-32QC Switch Hardware solutions / Routers & switches, VoIP, GSM, etc Catalyst C9500-24Y4C Switch Hardware solutions / Routers & switches, VoIP, GSM, etc Catalyst C9500-48Y4C Switch Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Catalyst 9400 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Catalyst 9600 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Other |
| Vendor |
Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU51778
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1453
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker with physical access can boot a malicious software image or execute unsigned code and bypass the image verification check part of the secure boot process of an affected device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco IOS XE: 17.2.1 - 17.4.1
Catalyst C9500-32C Switch: All versions
Catalyst C9500-32QC Switch: All versions
Catalyst C9500-24Y4C Switch: All versions
Catalyst C9500-48Y4C Switch: All versions
:
Cisco Catalyst 9400 Series Switches: All versions
Cisco Catalyst 9600 Series Switches: All versions
CPE2.3- cpe:2.3:o:cisco_systems:cisco_ios_xe:17.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco_systems:cisco_ios_xe:17.4.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:catalyst_c9500-32c_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:catalyst_c9500-32qc_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:catalyst_c9500-24y4c_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:catalyst_c9500-48y4c_switch:*:*:*:*:*:*:*:*
- cpe:2.3:::::*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_catalyst_9400_series_switches:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_catalyst_9600_series_switches:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
