CVE-2021-34770

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers (affected versions not specified)

Description The issue is related to a logic error during the validation of CAPWAP packets in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing. This could allow an unauthenticated, remote attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. An attacker could exploit this by sending a crafted CAPWAP packet to an affected device, potentially allowing the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload.

Recommendations For Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers, update to a version that includes the fix for this issue, as software updates have been released by Cisco to address this vulnerability. As a temporary workaround, consider restricting access to the CAPWAP protocol processing to minimize the risk of exploitation. At the moment, there is no information about other specific workarounds that address this vulnerability.