Cisco · Cisco Cloud Network Controller · CVE-2024-20478
**Name of the Vulnerable Software and Affected Versions**
Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller (affected versions not specified)
**Description**
A vulnerability in the software upgrade component of Cisco APIC and Cisco Cloud Network Controller could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system. The root cause is insufficient signature validation of software images: the upgrade process does not adequately verify that an image was signed by Cisco before installing it. An attacker who already holds Administrator credentials could exploit this by uploading and installing a tampered image, allowing them to execute arbitrary code on the affected system and elevate their privileges to root. The practical consequence is that the signature check, which should prevent a compromised or malicious administrator account from turning into root-level control of the controller, cannot be relied on in affected software.
**Recommendations**
For all affected versions, administrators should always validate the hash of any upgrade image against the checksum published on Cisco's software download page before uploading it to Cisco APIC or Cisco Cloud Network Controller. Note what this check does and does not cover: it confirms that the file you downloaded is the one Cisco published, but it does not stop an attacker who already holds Administrator credentials from uploading an image of their own choosing, because it is the controller's own signature validation that is deficient. Until a patch is available, therefore, treat the upgrade component as a high-value path: restrict which accounts can perform upgrades, limit reachability of the management interface to trusted networks, and review upgrade and image-upload activity on the controller. Keep Administrator-level access to the minimum set of authorized personnel to reduce the risk of exploitation. This entry records no fixed release; consult Cisco's security advisory for CVE-2024-20478 for current fixed-version information.
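As an added example (not part of this advisory and not Cisco tooling), the following POSIX shell helper performs the hash check the recommendation calls for: it computes the SHA-512 digest of a downloaded image and compares it, case-insensitively and ignoring pasted whitespace, with the digest published by the vendor. It assumes the published digest is SHA-512; the image filename in the usage comment is hypothetical.

```shell
#!/bin/sh
# Added example, not from the advisory or from Cisco: verify a downloaded
# upgrade image against the vendor-published checksum before uploading it to
# APIC / Cloud Network Controller. Assumes the published digest is SHA-512.

# Print the lowercase hex SHA-512 digest of a file. Uses sha512sum where it
# exists (Linux) and falls back to shasum (macOS/BSD).
image_sha512() {
    f=$1
    if command -v sha512sum >/dev/null 2>&1; then
        sha512sum "$f" | awk '{print $1}'
    else
        shasum -a 512 "$f" | awk '{print $1}'
    fi
}

# verify_image_hash FILE EXPECTED_HEX
# Returns 0 when the file's digest matches the expected value, 1 on mismatch,
# and 2 when the file cannot be read. The expected value is normalised
# (whitespace stripped, lowercased) so a digest copied from a web page still
# compares correctly.
verify_image_hash() {
    file=$1
    expected=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    actual=$(image_sha512 "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK       $file"
        return 0
    fi
    echo "MISMATCH $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Usage (hypothetical filename; the digest comes from the download page):
#   verify_image_hash aci-apic-dk9.6.0.x.bin "$PUBLISHED_SHA512" \
#       && echo "image matches the published digest, safe to upload"
```

Run the check on the workstation that holds the downloaded file, and take the expected digest from the vendor's download page rather than from the same source as the file, so that a tampered download cannot also supply its own "correct" checksum. A match only tells you the file is the one Cisco published; it says nothing about what a compromised Administrator account might upload later.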