Cisco Firepower Threat Defense Software Vulnerability
CVE-2021-34753
5.8MEDIUM
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 15 November 2024
What is CVE-2021-34753?
A vulnerability exists in the payload inspection process for Ethernet Industrial Protocol (ENIP) traffic in the Cisco Firepower Threat Defense (FTD) Software, which allows unauthenticated remote attackers to potentially bypass configured access control and intrusion policies. This flaw arises from inadequate processing of ENIP packets during deep packet inspection. By sending specially crafted ENIP packets to a vulnerable interface, attackers may exploit this vulnerability to evade security measures that should normally detect and drop such packets, leading to potential unauthorized access to network resources.
Affected Version(s)
Cisco Firepower Threat Defense Software