Cisco Fixes Root Privilege, Command Injection Vulnerabilities In Cisco SD-WAN Solution

Cisco has fixed five security vulnerabilities in its Software-Defined WAN (SD-WAN) Solution, two of which could allow an authenticated, local attacker to either gain root privileges on the underlying operating system or to inject arbitrary commands that are executed with root privileges.

Cisco SD-WAN vulnerabilities

While there is no indication that these flaw are being actively exploited, no workarounds addressing the vulnerabilities exist so upgrading to the Cisco SD-WAN Solution software release 19.2.2. is advised.

About the vulnerabilities

SD-WAN is a software-defined approach to managing the wide-area network (WAN), which allows companies to scale cloud-based applications across thousands of endpoints in the branch, campus, or SaaS and public cloud applications at distance.

CVE-2020-3265 is a privilege escalation vulnerability that can be exploited by sending a crafted request to an affected system. CVE-2020-3266 is a command injection vulnerability that can be exploited by submitting crafted input to the CLI (command line interface) utility. CVE-2020-3264 is a buffer overflow vulnerability that could be exploited by sending crafted traffic to an affected device, and ultimately lead to information disclosure or tampering with the underlying system.

All of these are considered to be high-risk, as they can only be exploited by local, authenticated attackers.

Affected products

Cisco lists among the affected products (if they are running a vulnerable Cisco SD-WAN Solution software release):

vBond Orchestrator Software
vEdge 100 Series Routers
vEdge 1000 Series Routers
vEdge 2000 Series Routers
vEdge 5000 Series Routers
vEdge Cloud Router Platform
vManage Network Management Software
vSmart Controller Software

More patches

Two additional flaws have been patched in Cisco SD-WAN Solution vManage Software release 19.2.2:

CVE-2019-16010, a cross-site scripting (XSS) vulnerability that could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information
CVE-2019-16012, a SQL injection vulnerability that could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.

These are considered to be medium-risk for a variety of reasons: to exploit them, the attacker needs to authenticate to the system first and, in CVE-2019-16010’s case, persuade a user of the interface to click a crafted link. Also, these can’t be used to completely compromise the underlying system.

Source: https://www.helpnetsecurity.com/2020/03/20/cisco-sd-wan-vulnerabilities-2020/

Generative Data Intelligence

Cisco fixes root privilege, command injection vulnerabilities in Cisco SD-WAN solution

About the vulnerabilities

Affected products

More patches

🔴Ethereum ETFs Delayed | This Week in Crypto – Mar 11, 2024

7 BEST Meme Coins to Buy NOW – What is the NEXT SHIBA INU?

Latest Intelligence

Elevate Your Sleep Game This World Health Day with LAC

NC’s 2024 legislative session not just about the budget – Medical Marijuana Program Connection

GA-ASI Selected to Build CCA for AFLCMC

Here are the two companies creating drone wingmen for the US Air Force

Ford Q1 earnings top expectations, sees full-year profit ‘tracking to high-end’ – Autoblog

Airport operator Avinor will establish Norway as an international test arena for zero and low emission aviation

Chat with us