Cisco warns of five SD-WAN security weaknesses

Cisco has issued five  warnings about security weaknesses in its SD-WAN offerings, three of them on the high-end of the vulnerability scale.

The worst problem is with the command-line interface (CLI) of its SD-WAN Solution software where a weakness could let a local attacker inject arbitrary commands that are executed with root privileges, Cisco wrote.

An attacker could exploit this vulnerability – which has a 7.8 out if 10 on  the Common Vulnerability Scoring System – by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. The vulnerability is due to insufficient input validation, Cisco wrote.

Another high warning problem lets an authenticated, local attacker elevate privileges to root on the underlying operating system.  An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges, Cisco wrote.  The vulnerability is due to insufficient input validation.

The third high-level vulnerability in the SD-WAN Solution software could let an attacker cause a buffer overflow on an affected device. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make, Cisco wrote.

The vulnerabilities affect a number of Cisco products if they are running a Cisco SD-WAN Solution software release earlier than Release 19.2.2: vBond Orchestrator Software, vEdge 100-5000 Series Routers, vManage Network Management System and vSmart Controller Software.

Source link