Critical Cisco SD-WAN Bugs Allow RCE Attacks

Cisco is warning of a number of, critical vulnerabilities in its computer software-described networking for huge-region networks (SD-WAN) options for business enterprise users.

Cisco issued patches addressing 8 buffer-overflow and command-injection SD-WAN vulnerabilities. The most severe of these flaws could be exploited by an unauthenticated, remote attacker to execute arbitrary code on the afflicted system with root privileges.

“Cisco has introduced application updates that deal with these vulnerabilities,” according to Cisco in a Wednesday advisory. “There are no workarounds that address these vulnerabilities.”

A person critical-severity flaw (CVE-2021-1299) exists in the web-dependent administration interface of Cisco SD-WAN vManage aoftware. This flaw (which ranks 9.9 out of 10 on the CVSS scale) could let an authenticated, remote attacker to achieve root-level accessibility to an impacted method and execute arbitrary commands as the root consumer on the method.

“This vulnerability is owing to inappropriate enter-validation of person-provided input to the device template configuration,” according to Cisco. “An attacker could exploit this vulnerability by publishing crafted enter to the product template configuration.”

A different serious flaw is CVE-2021-1300, which ranks 9.8 out of 10 on the CVSS scale. The buffer-overflow flaw stems from incorrect dealing with of IP targeted visitors an attacker could exploit the flaw by sending crafted IP website traffic by way of an afflicted unit, which may perhaps trigger a buffer overflow when the website traffic is processed. In the end, this enables an attacker to execute arbitrary code on the underlying functioning procedure with root privileges.

The pursuing products are affected if they are running a vulnerable launch of the SD-WAN software program: IOS XE SD-WAN Software package, SD-WAN vBond Orchestrator Computer software, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage Software program and SD-WAN vSmart Controller Application. Cisco end users can see a whole listing of the influenced software variations as very well as the deployed fixed variations, on its security advisory.

Cisco stated it is not informed of any exploits focusing on these SD-WAN flaws.

Other Critical Cisco Flaws

3 critical flaws (CVE-2021-1138, CVE-2021-1140, CVE-2021-1142) ended up observed in Cisco intelligent program supervisor satellite, which provides enterprises real-time visibility and reporting of their Cisco licenses.

These flaws, which rank 9.8 out of 10 on the CVSS scale, stem from the Cisco sensible software package manager satellite’s web user interface and could allow for an unauthenticated, remote attacker to execute arbitrary commands as a substantial-privileged consumer on an affected gadget.

“These vulnerabilities are owing to inadequate enter validation,” in accordance to Cisco. “An attacker could exploit these vulnerabilities by sending malicious HTTP requests to an afflicted machine. A productive exploit could make it possible for the attacker to run arbitrary commands on the underlying running system.”

A further critical-severity flaw was identified in the Command Runner instrument of Cisco DNA Heart, which is Cisco’s network administration and command center. The flaw (CVE-2021-1264) ranks 9.6 out of 10 on the CVSS scale. This vulnerability affects Cisco DNA Center program releases before than 1.3.1. fixes are available in program releases 1.3.1. and afterwards.

The flaw stems from inadequate input validation by the Command Runner device, which permits consumers to deliver diagnostic CLI commands to selected equipment. An attacker could exploit this flaw by offering crafted input during command execution or by way of a crafted command runner API call, according to Cisco.

“A prosperous exploit could enable the attacker to execute arbitrary CLI instructions on products managed by Cisco DNA Heart,” in accordance to Cisco.

Obtain our distinctive No cost Threatpost Insider E-book Health care Security Woes Balloon in a Covid-Period Globe, sponsored by ZeroNorth, to learn more about what these security challenges indicate for hospitals at the working day-to-day stage and how healthcare security groups can put into action finest techniques to defend suppliers and patients. Get the total story and Obtain the Book now – on us!