Security News > 2020 > March > Cisco Warns of High-Severity SD-WAN Flaws

Cisco Warns of High-Severity SD-WAN Flaws
2020-03-19 15:50

If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems.

The three flaws are located in various Cisco hardware and software products running the company's SD-WAN software earlier than Release 19.2.2.

The flaw ranks 7.1 out of 10.0 on the CVSS scale, or high severity.

The final high-severity flaw is a privilege escalation flaw in the SD-WAN software that could allow authenticated, local attackers to elevate privileges - ultimately gaining "Root-level" privileges on the underlying operating system.

Cisco has previously issued patches for several critical- and high-severity vulnerabilities in its SD-WAN software, including a critical privilege-escalation flaw existing in CLI in June, and a high-severity flaw in the SD-WAN software in January.


News URL

https://threatpost.com/cisco-warns-of-high-severity-sd-wan-flaws/153942/?utm_source=rss&utm_medium=rss&utm_campaign=cisco-warns-of-high-severity-sd-wan-flaws

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749