CVE-2021-1461
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2021-1461 is a vulnerability affecting Cisco SD-WAN Software's Image Signature Verification feature. This issue allows authenticated, remote attackers with Administrator-level credentials to install malicious software patches on vulnerable devices. The flaw stems from insufficient verification of digital signatures for patch images, enabling an attacker to bypass checks and load an unsigned patch. Successful exploitation could result in the execution of malicious software upon device boot. Cisco has released software updates to address this vulnerability, and there are currently no workarounds available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.