CVE-2021-1376
Cisco IOS XE Software Fast Reload Vulnerabilities
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device. These vulnerabilities are due to improper checks performed by system boot routines. To exploit these vulnerabilities, the attacker would need privileged access to the CLI of the device. A successful exploit could allow the attacker to either execute arbitrary code on the underlying operating system or execute unsigned code and bypass the image verification check part of the secure boot process. For more information about these vulnerabilities, see the Details section of this advisory.
Múltiples vulnerabilidades en la funcionalidad fast reload del Software Cisco IOS XE que se ejecuta en los Switches Cisco Catalyst 3850, Cisco Catalyst 9300 y Cisco Catalyst 9300L Series, podrían permitir a un atacante local autenticado ejecutar código arbitrario en el sistema operativo subyacente, instalar y arrancar un imagen de software malicioso o ejecutar binarios sin firmar en un dispositivo afectado. Estas vulnerabilidades son debido a comprobaciones incorrectas llevadas a cabo por las rutinas de arranque del sistema. Para explotar estas vulnerabilidades, el atacante necesitaría acceso privilegiado a la CLI del dispositivo. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario en el sistema operativo subyacente o ejecutar código sin firmar y omitir la parte de comprobación de imagen del proceso de arranque seguro. Para mayor información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-13 CVE Reserved
- 2021-03-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-347: Improper Verification of Cryptographic Signature
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fast-Zqr6DD5 | 2021-03-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1 Search vendor "Cisco" for product "Ios Xe" and version "16.5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1a Search vendor "Cisco" for product "Ios Xe" and version "16.5.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.1 Search vendor "Cisco" for product "Ios Xe" and version "16.6.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.2 Search vendor "Cisco" for product "Ios Xe" and version "16.6.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.3 Search vendor "Cisco" for product "Ios Xe" and version "16.6.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.4 Search vendor "Cisco" for product "Ios Xe" and version "16.6.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.4a Search vendor "Cisco" for product "Ios Xe" and version "16.6.4a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.4s Search vendor "Cisco" for product "Ios Xe" and version "16.6.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.5 Search vendor "Cisco" for product "Ios Xe" and version "16.6.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.6 Search vendor "Cisco" for product "Ios Xe" and version "16.6.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.7 Search vendor "Cisco" for product "Ios Xe" and version "16.6.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.8 Search vendor "Cisco" for product "Ios Xe" and version "16.6.8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1 Search vendor "Cisco" for product "Ios Xe" and version "16.8.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1a Search vendor "Cisco" for product "Ios Xe" and version "16.8.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1s Search vendor "Cisco" for product "Ios Xe" and version "16.8.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.1 Search vendor "Cisco" for product "Ios Xe" and version "16.9.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.1s Search vendor "Cisco" for product "Ios Xe" and version "16.9.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.2 Search vendor "Cisco" for product "Ios Xe" and version "16.9.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.2s Search vendor "Cisco" for product "Ios Xe" and version "16.9.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.3 Search vendor "Cisco" for product "Ios Xe" and version "16.9.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.3a Search vendor "Cisco" for product "Ios Xe" and version "16.9.3a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.3s Search vendor "Cisco" for product "Ios Xe" and version "16.9.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.4 Search vendor "Cisco" for product "Ios Xe" and version "16.9.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.5 Search vendor "Cisco" for product "Ios Xe" and version "16.9.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.6 Search vendor "Cisco" for product "Ios Xe" and version "16.9.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.10.1 Search vendor "Cisco" for product "Ios Xe" and version "16.10.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.10.1e Search vendor "Cisco" for product "Ios Xe" and version "16.10.1e" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.10.1s Search vendor "Cisco" for product "Ios Xe" and version "16.10.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.11.1 Search vendor "Cisco" for product "Ios Xe" and version "16.11.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.11.1b Search vendor "Cisco" for product "Ios Xe" and version "16.11.1b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.11.1c Search vendor "Cisco" for product "Ios Xe" and version "16.11.1c" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.11.1s Search vendor "Cisco" for product "Ios Xe" and version "16.11.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.11.2 Search vendor "Cisco" for product "Ios Xe" and version "16.11.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.1 Search vendor "Cisco" for product "Ios Xe" and version "16.12.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.1c Search vendor "Cisco" for product "Ios Xe" and version "16.12.1c" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.1s Search vendor "Cisco" for product "Ios Xe" and version "16.12.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.2 Search vendor "Cisco" for product "Ios Xe" and version "16.12.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.2s Search vendor "Cisco" for product "Ios Xe" and version "16.12.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.2t Search vendor "Cisco" for product "Ios Xe" and version "16.12.2t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.3 Search vendor "Cisco" for product "Ios Xe" and version "16.12.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.3a Search vendor "Cisco" for product "Ios Xe" and version "16.12.3a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.3s Search vendor "Cisco" for product "Ios Xe" and version "16.12.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.4 Search vendor "Cisco" for product "Ios Xe" and version "16.12.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.12.4a Search vendor "Cisco" for product "Ios Xe" and version "16.12.4a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.1.1 Search vendor "Cisco" for product "Ios Xe" and version "17.1.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.1.1s Search vendor "Cisco" for product "Ios Xe" and version "17.1.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.1.1t Search vendor "Cisco" for product "Ios Xe" and version "17.1.1t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.1.2 Search vendor "Cisco" for product "Ios Xe" and version "17.1.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.2.1 Search vendor "Cisco" for product "Ios Xe" and version "17.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.2.1a Search vendor "Cisco" for product "Ios Xe" and version "17.2.1a" | - |
Affected
| ||||||