#VU51765 Active Debug Code in Cisco Systems, Inc products - CVE-2021-1391
Published: March 29, 2021
Vulnerability identifier: #VU51765
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-1391
CWE-ID: CWE-489
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco Embedded Services 3300 Series Switches
Cisco Catalyst IE3200 Rugged Series
Cisco Catalyst IE3300 Rugged Series
Cisco Catalyst IE3400 Rugged Series
Cisco Catalyst IE3400 Heavy Duty Series
Cisco IOS XE
Cisco IOS
Cisco Embedded Services 3300 Series Switches
Cisco Catalyst IE3200 Rugged Series
Cisco Catalyst IE3300 Rugged Series
Cisco Catalyst IE3400 Rugged Series
Cisco Catalyst IE3400 Heavy Duty Series
Cisco IOS XE
Cisco IOS
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to the presence of development testing and verification scripts that remained on the device in the dragonite debugger. A local administrator can bypass the consent token mechanism with the residual scripts on the affected device and escalate from privilege level 15 to root privilege.
Remediation
Install updates from vendor's website.