Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022On September 27, 2022, the following vulnerabilities affecting Cisco products were disclosed by Cert/CC as part of VU855201, titled L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers:
- CVE-2021-27853: Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using a combination of VLAN 0 headers and LLC/SNAP headers.
- CVE-2021-27854: Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using a combination of VLAN 0 headers, LLC/SNAP headers in Ethernet to Wifi frame translation, and in the reverse—Wifi to Ethernet.
- CVE-2021-27861: Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers).
- CVE-2021-27862: Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).
Exploitation of these vulnerabilities could allow an adjacent attacker to bypass configured first-hop security (FHS) features on the affected Cisco products.
For more information about these vulnerabilities, see the Details section of this advisory.
This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX
Security Impact Rating: Medium
CVE: CVE-2021-27853,CVE-2021-27854,CVE-2021-27861,CVE-2021-27862
Source: Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022 (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerabilities%20in%20Layer%202%20Network%20Security%20Controls%20Affecting%20Cisco%20Products:%20September%202022&vs_k=1)