CVE-2021-34754

CVE Database · CVE-2021-34754

CVE-2021-34754

· MEDIUMModified

CVSS v3.1

5.8

EPSS

0.97%

Published

Oct 27, 2021

Modified

Nov 26, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Weaknesses (CWE)

CWE-284

Affected Products (9)

cisco · firepower_threat_defense (up to 6.4.0.13)vulnerable

cisco · firepower_threat_defense (up to 6.6.5.1)vulnerable

cisco · firepower_threat_defense (up to 6.7.0.3)vulnerable

cisco · firepower_threat_defense (up to 7.0.1)vulnerable

cisco · secure_firewall_management_centervulnerable

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs