By Juha Saarinen on Jan 22, 2021 9:50AM
Remote code execution with root privileges possible.
Cisco has issued patches for multiple flaws in its SD-WAN products that could allow unauthennticated remote threat actors to attack vulnerable devices.
The network equipment vendor said one buffer overflow vulnerability that lets unauthenticated attackers run arbitrary code with root superuser privileges is due to incorrect handling of internet protocol traffic.
By sending specially crafted IP traffic through a vulnerable device, attackers could trigger a buffer overflow in the software, Cisco warned.
The flaw has a Common Vulnerabilities Scoring System rating of 9.8 out of 10.
Another buffer overrflow condition in Cisco s SD-WAN NETCONF subsystem lets authenticated remote attackers send specially crafted files to vulnerable devices, resulting in a denial of service condition.
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks (SD-WAN) solutions for business users.
Cisco issued patches addressing eight buffer-overflow and command-injection SD-WAN vulnerabilities. The most serious of these flaws could be exploited by an unauthenticated, remote attacker to execute arbitrary code on the affected system with root privileges.
“Cisco has released software updates that address these vulnerabilities,” according to Cisco in a Wednesday advisory. “There are no workarounds that address these vulnerabilities.”
One critical-severity flaw (CVE-2021-1299) exists in the web-based management interface of Cisco SD-WAN vManage aoftware. This flaw (which ranks 9.9 out of 10 on the CVSS scale) could allow an authenticated, remote attacker to gain root-level access to an affected system and execute arbitr