Denial of service in Cisco Aironet Access Points



Published: 2021-09-23
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2021-34740
CWE-ID: CWE-401
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software
6300 Series Embedded Services Access Points
Other software / Other software solutions

Aironet 4800 Access Points
Other software / Other software solutions

Catalyst IW6300 Heavy Duty Series Access Points
Other software / Other software solutions

Cisco Aironet 1540 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Aironet 1560 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Aironet 1800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Aironet 2800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Aironet 3800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Catalyst 9100
Hardware solutions / Routers & switches, VoIP, GSM, etc

Integrated Access Point on 1100 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Catalyst 9800 Wireless Controller
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Wireless LAN Controller
Hardware solutions / Firmware

Vendor: Cisco Systems, Inc

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Memory leak

EUVDB-ID: #VU56833

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34740

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack on the target system.

The vulnerability exists due to a memory leak in the WLAN Control Protocol (WCP) implementation. A remote attacker on the local network can force the application to leak memory and perform a denial of service attack.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

6300 Series Embedded Services Access Points: All versions

Cisco Aironet 1540 Series Access Points: All versions

Cisco Aironet 1560 Series Access Points: All versions

Cisco Aironet 1800 Series Access Points: All versions

Cisco Aironet 2800 Series Access Points: All versions

Cisco Aironet 3800 Series Access Points: All versions

Aironet 4800 Access Points: All versions

Cisco Catalyst 9100: All versions

Catalyst IW6300 Heavy Duty Series Access Points: All versions

Integrated Access Point on 1100 Integrated Services Routers: All versions

Cisco Wireless LAN Controller: 8.10

Cisco Catalyst 9800 Wireless Controller: 17.2 - 17.3

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


