vulnerability

Cisco FTD: CVE-2021-34754: Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Oct 27, 2021	Jan 29, 2025	Jun 23, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Oct 27, 2021

Added

Jan 29, 2025

Modified

Jun 23, 2025

Description

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.

Solution

cisco-ftd-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today