CVE-2021-34754: 
Cisco Firepower Threat Defense (FTD) vulnerability analysis and mitigation

A vulnerability (CVE-2021-34754) was discovered in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software. The vulnerability was disclosed on October 27, 2021, affecting Cisco FTD Software configured to detect and block ENIP traffic. This security flaw was identified alongside CVE-2021-34753 as part of Cisco's October 2021 security advisory bundle (Cisco Advisory).

The vulnerability stems from incomplete processing during deep packet inspection for ENIP packets. It received a CVSS base score of 5.8 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X. The vulnerability is classified under CWE-284 and was identified through Cisco's bug tracking system as CSCvy02240 (Cisco Advisory).

A successful exploitation of this vulnerability could allow an unauthenticated, remote attacker to bypass configured access control and intrusion policies that should be activated for ENIP packets. This bypass could potentially compromise the security posture of affected systems by allowing unauthorized ENIP traffic to pass through security controls (Cisco Advisory).

Cisco has released software updates to address this vulnerability. Fixed releases include FTD Software versions 6.4.0.13 (Nov 2021), 6.6.5.1 (Nov 2021), 6.7.0.3 (Jan 2022), and 7.0.1. There are no workarounds available for this vulnerability, and customers are advised to upgrade to a supported release that includes the fix (Cisco Advisory).

The vulnerability was reported by Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School. It was part of Cisco's semiannual security advisory bundle release, which included a total of 19 security advisories addressing 27 vulnerabilities in Cisco ASA, FMC, and FTD (Cisco Event).