CVE-2021-1423

Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.

Una vulnerabilidad en la implementación de un comando de CLI en Cisco Aironet Access Points (AP), podría permitir a un atacante local autenticado sobrescribir archivos en la memoria flash del dispositivo. Esta vulnerabilidad es debido a una comprobación insuficiente de la entrada para un comando específico. Un atacante podría explotar esta vulnerabilidad al emitir un comando con argumentos diseñados. Una explotación con éxito podría permitir al atacante sobrescribir o crear archivos con datos que ya están presentes en otros archivos alojados en el dispositivo afectado

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2020-11-13 CVE Reserved
2021-03-24 CVE Published
2023-03-08 EPSS Updated
2024-11-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-668: Exposure of Resource to Wrong Sphere

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	1100 Integrated Services Router Search vendor "Cisco" for product "1100 Integrated Services Router"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1540 Search vendor "Cisco" for product "Aironet 1540"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1560 Search vendor "Cisco" for product "Aironet 1560"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1800 Search vendor "Cisco" for product "Aironet 1800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 2800 Search vendor "Cisco" for product "Aironet 2800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 3800 Search vendor "Cisco" for product "Aironet 3800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 4800 Search vendor "Cisco" for product "Aironet 4800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst 9100 Search vendor "Cisco" for product "Catalyst 9100"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst Iw6300 Search vendor "Cisco" for product "Catalyst Iw6300"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Esw6300 Search vendor "Cisco" for product "Esw6300"	-	-	Safe
Cisco Search vendor "Cisco"	Catalyst 9800 Firmware Search vendor "Cisco" for product "Catalyst 9800 Firmware"	< 16.12.5 Search vendor "Cisco" for product "Catalyst 9800 Firmware" and version " < 16.12.5"	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst 9800 Search vendor "Cisco" for product "Catalyst 9800"	-	-	Safe
Cisco Search vendor "Cisco"	Catalyst 9800 Firmware Search vendor "Cisco" for product "Catalyst 9800 Firmware"	>= 17.1 <= 17.2 Search vendor "Cisco" for product "Catalyst 9800 Firmware" and version " >= 17.1 <= 17.2"	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst 9800 Search vendor "Cisco" for product "Catalyst 9800"	-	-	Safe
Cisco Search vendor "Cisco"		Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"				< 8.5.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.5.171.0"		-		Affected
Cisco Search vendor "Cisco"		Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"				>= 8.6 < 8.10.130.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 8.6 < 8.10.130.0"		-		Affected