PT-2021-7440 · Cisco · Cisco Telepresence Collaboration Endpoint (Ce)+1

Published

2021-10-06

Updated

2021-10-14

CVE-2021-34758

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Cisco TelePresence Collaboration Endpoint (CE) Software (affected versions not specified) Cisco RoomOS Software (affected versions not specified)

Description A vulnerability in the memory management of the software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. This is due to insufficient access controls to a shared memory resource. An attacker could exploit this vulnerability by corrupting a shared memory segment on an affected device, causing the device to reload. The device will recover from the corruption upon reboot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

BDU:2022-06328

CVE-2021-34758

Affected Products

Cisco Roomos

Cisco Telepresence Collaboration Endpoint (Ce)

PT-2021-7440 · Cisco · Cisco Telepresence Collaboration Endpoint (Ce)+1

CVE-2021-34758

Weakness Enumeration

Related Identifiers

Affected Products

References · 6