CVE-2021-1461

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Nov 18, 2024
Updated: Nov 21, 2024
CWE ID 347

Summary

CVE-2021-1461 is a vulnerability affecting Cisco SD-WAN Software's Image Signature Verification feature. This issue allows authenticated, remote attackers with Administrator-level credentials to install malicious software patches on vulnerable devices. The flaw stems from insufficient verification of digital signatures for patch images, enabling an attacker to bypass checks and load an unsigned patch. Successful exploitation could result in the execution of malicious software upon device boot. Cisco has released software updates to address this vulnerability, and there are currently no workarounds available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share