PT-2021-2550 · Cisco · Cisco IOS XE

Victor Kamensky

Published 2021-03-24 · Updated 2021-03-30 · CVE-2021-1376

CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions prior to the fixed version
Description: The vulnerability stems from improper checks performed by the system boot routines of the fast reload feature in Cisco IOS XE Software. An authenticated, local attacker could exploit it to execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device. Privileged access to the device CLI is required to exploit these vulnerabilities. A successful exploit could allow the attacker either to execute arbitrary code on the underlying operating system or to execute unsigned code and bypass the image verification check that is part of the secure boot process.
Recommendations: For Cisco IOS XE Software, update to a version that includes the fix for these vulnerabilities. As a temporary workaround, restrict access to the device CLI to reduce the risk of exploitation, and avoid using the fast reload feature until the issue is resolved. At the time of writing, no information is available about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Verification of Cryptographic Signature

Related Identifiers

BDU:2021-01958
CVE-2021-1376

Affected Products

Cisco IOS XE