Security News > 2021 > September > Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio.

The most severe of the critical bugs is an unauthenticated remote-code-execution and denial-of-service bug, affecting the Cisco Catalyst 9000 family of wireless controllers.

Boasting a rare 10 out of 10 CVSS vulnerability-severity rating, the issue specifically exists in the control and provisioning of wireless access points protocol processing used by the Cisco IOS XE software that powers the devices.

"An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload, resulting in a DoS condition."

RCE and DoS for Cisco SD-WAN. The next two critical bugs both rate 9.8 out of 10 on the CVSS scale.

The last critical bug is an authentication-bypass vulnerability in the IOS XE software - specifically affecting the network configuration protocol used to install, manipulate and delete the configuration of network devices through a network management system; and the RESTCONF protocol, which is a REST-based HTTP interface used to query and configure devices with NETCONF configuration datastores.

News URL

https://threatpost.com/critical-cisco-bugs-wireless-sd-wan/174991/