It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now
2021-01-22 07:04

Cisco SD-WAN Buffer Overflow Vulnerabilities: Systems running the Cisco SD-WAN software - such as SD-WAN vEdge Routers - can be exploited "by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed." A successful attack can result in the execution of arbitrary code on the underlying operating system with root privileges, which means you basically hand over the gear to a stranger.

Cisco SD-WAN Command Injection Vulnerabilities: These can be exploited by authenticated users to gain root-level privileges on a system running the vulnerable software.

Cisco DNA Center Command Runner Command Injection Vulnerability: An authenticated remote user can supply maliciously "crafted input during command execution or via a crafted command runner API call. A successful exploit could allow the attacker to execute arbitrary CLI commands on devices managed by Cisco DNA Center." It was found during an internal security audit.

Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities: These bugs can be exploited to run arbitrary commands on a vulnerable installation by sending specially crafted HTTP requests to the web interface.

Cisco believes none of the above are being exploited in the wild.

Switchzilla also patched a bunch of other vulnerabilities, such as a Cisco Secure Web Appliance privilege escalation flaw; Cisco SD-WAN vManage authorization bypass vulnerabilities; and Cisco Data Center Network Manager SQL Injection Vulnerabilities.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/01/22/cisco_critical_vulnerabilities/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4427 230 3115 1862 609 5816