CVE-2021-34708

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software for Cisco 8000 Series Routers (affected versions not specified) Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images (affected versions not specified)

Description The issue is related to errors in cryptographic signature verification checks. It could allow a remote attacker to execute arbitrary code on the target system. An authenticated, local attacker may also execute arbitrary code on the underlying operating system.

Recommendations For Cisco IOS XR Software for Cisco 8000 Series Routers, update to a version that includes the fix for the image verification checks vulnerabilities. For Cisco Network Convergence System (NCS) 540 Series Routers running Cisco IOS XR NCS540L software images, update to a version that includes the fix for the image verification checks vulnerabilities. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.