CVE-2021-27853

moderate-risk

Published 2022-09-27

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Do I need to act?

0.15% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.7/10 Medium

ADJACENT_NETWORK / LOW complexity

Affected Products (20)

Ieee 802.2

P802.1Q

Catalyst 6503-E Firmware

Catalyst 6504-E Firmware

Catalyst 6506-E Firmware

Catalyst 6509-E Firmware

Catalyst 6509-Neb-A Firmware

Catalyst 6509-V-E Firmware

Catalyst 6513-E Firmware

Catalyst 6807-Xl Firmware

Catalyst 6840-X Firmware

Catalyst 6880-X Firmware

Catalyst C6816-X-Le Firmware

Catalyst C6824-X-Le-40G Firmware

Catalyst C6832-X-Le Firmware

Catalyst C6840-X-Le-40G Firmware

Catalyst 6800Ia Firmware

Ios Xe

Affected Vendors

Cisco Ieee Ietf

References (13)

Exploit https://blog.champtar.fr/VLAN0_LLC_SNAP/

Technical Description https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

Third Party Advisory https://kb.cert.org/vuls/id/855201

Vendor Advisory https://standards.ieee.org/ieee/802.1Q/10323/

Vendor Advisory https://standards.ieee.org/ieee/802.2/1048/

Third Party Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-V...

Exploit https://blog.champtar.fr/VLAN0_LLC_SNAP/

Technical Description https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

Third Party Advisory https://kb.cert.org/vuls/id/855201

Vendor Advisory https://standards.ieee.org/ieee/802.1Q/10323/

Vendor Advisory https://standards.ieee.org/ieee/802.2/1048/

Third Party Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-V...

https://www.kb.cert.org/vuls/id/855201

/ 100

moderate-risk

Severity 16/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 30/34 · Critical