CVE-2021-34709 MEDIUM

CVE-2021-34709: Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities

Vendor Cisco
Product Cisco IOS XR Software
Weakness CWE-347
Published September 9, 2021
Last update November 7, 2024

CVSS base score

6.0/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Key dates

02Disclosure timeline

September 9, 2021 CVE published
November 7, 2024 Record updated

Related vulnerabilities

04Related CVE