CVE-2021-34753

CVE Database · CVE-2021-34753

CVE-2021-34753

· MEDIUMAnalyzed

CVSS v3.1

5.8

EPSS

0.65%

Published

Nov 15, 2024

Modified

Aug 7, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Weaknesses (CWE)

CWE-284

Affected Products (4)

cisco · firepower_threat_defense_software (up to 6.4.0.13)vulnerable

cisco · firepower_threat_defense_software (up to 6.6.5.1)vulnerable

cisco · firepower_threat_defense_software (up to 6.7.0.3)vulnerable

cisco · firepower_threat_defense_softwarevulnerable

References (1)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs