CVE-2021-1452

CVE-2021-1452 is a medium-severity vulnerability in Cisco Ios Xe Rom Monitor with a CVSS 3.x base score of 6.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-78.

Key facts

Description

A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.

Frequently asked questions

What is CVE-2021-1452?
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.
How severe is CVE-2021-1452?
CVE-2021-1452 has a CVSS 3.x base score of 6.8, rated medium severity. It is exploitable over physical access with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability high.
Is CVE-2021-1452 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (29th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2021-1452?
CVE-2021-1452 affects Cisco Ios Xe Rom Monitor. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2021-1452?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2021-1452 published?
CVE-2021-1452 was published on 2021-03-24 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Cisco Ios Xe Rom Monitor

All CVEs affecting Cisco Ios Xe Rom Monitor →

Other CWE-78 (OS Command Injection) vulnerabilities

Browse all CWE-78 (OS Command Injection) vulnerabilities →