CVE-2021-34740

HIGH

Cisco Aironet Access Point Software - Denial of Service via WCP 802.11 Frame Handling

Title source: llm

Description

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL

Scores

CVSS v3 7.4

EPSS 0.0010

EPSS Percentile 27.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (3)

cisco/aironet_access_point_software 17.2

cisco/aironet_access_point_software 17.3

cisco/aironet_access_point_software 8.10.0 - 8.10.162.0

Published Sep 23, 2021

Tracked Since Feb 18, 2026