CVE-2021-1453

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches (affected versions not specified)

Description The issue is related to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. This could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. An attacker could exploit this by loading unsigned software on an affected device, potentially allowing them to boot a malicious software image or execute unsigned code and bypass the image verification check part of the secure boot process.

Recommendations To resolve the issue, update to a version of Cisco IOS XE Software that addresses this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.