PT-2021-4141 · Cisco · Cisco Network Convergence System (Ncs) 540 Series Routers+2
Published
2021-09-08
·
Updated
2021-09-21
·
CVE-2021-34709
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco IOS XR versions (affected versions not specified)
Cisco Network Convergence System (NCS) 540 Series Routers running Cisco IOS XR NCS540L software images (affected versions not specified)
Cisco IOS XR Software for Cisco 8000 Series Routers (affected versions not specified)
Description
The issue is related to incorrect cryptographic signature verification in Cisco IOS XR, which could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system.
Recommendations
For Cisco IOS XR, update to a version that includes the software updates released by Cisco to address these vulnerabilities.
For Cisco Network Convergence System (NCS) 540 Series Routers running Cisco IOS XR NCS540L software images, update to a version that includes the software updates released by Cisco to address these vulnerabilities.
For Cisco IOS XR Software for Cisco 8000 Series Routers, update to a version that includes the software updates released by Cisco to address these vulnerabilities.
Fix
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco 8000 Series Routers
Cisco Ios Xr
Cisco Network Convergence System (Ncs) 540 Series Routers