An access control vulnerability – that allows root access via a local system – was reported in a Cisco Application Policy Infrastructure Controller, according to Security Tracker.

"A local user can exploit an access control flaw in the boot manager to gain root access to the execute arbitrary commands on the target system with root privileges," the researchers stated.

The bug has been designated CSCuu83985 by Cisco and a fix has been issued by the vendor.

The advisory is here.