
Cisco products affected by various L2 network security control bugs

Numerous Cisco enterprise routers and switches have been confirmed to be affected by four medium-severity Layer-2 network security control bypass vulnerabilities, SecurityWeek reports. Threat actors could exploit the flaws, tracked as CVE-2021-27853, CVE-2021-27854, CVE-2021-27861 and CVE-2021-27862, to enable virtual local area network (VLAN) header and 802.2 LLC/SNAP header stacking, which could then facilitate denial-of-service or man-in-the-middle attacks, according to an advisory from the CERT Coordination Center. "An attacker can bypass security controls and deceive a locally connected target host to route traffic to arbitrary destinations. Victim devices experience either a DoS (blackholing traffic) or MitM (observing the unencrypted traffic and maybe breaking encryption)," said the advisory. Only Cisco and Juniper Networks have devices confirmed to be impacted by the flaws, despite warnings being sent to over 200 vendors. Cisco noted that CVE-2021-27853 has been patched in software releases 17.6.3 and 17.8.1 for IOS XE switches, while stating that its products are unaffected by CVE-2021-27854 and CVE-2021-27862.
