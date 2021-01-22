

Cisco is warning its users about vulnerabilities in its SD-WAN software and urging them to apply the respective updates to avoid becoming victims of cybercrime.

To clarify a bit, SD-WAN is software that facilitates branch office networking and improves application performance on the Internet. The company has indicated that the flaws affect the security of SD-WAN, as well as the Cisco DNA Center and Smart Software Manager Satellite, solutions that the company uses to receive data electronically and guarantee its confidentiality.

The company details a total of three vulnerabilities, tracked as CVE-2021-1260, CVE-2021-1261, and CVE-2021-1262. These have a CVSS score of 9.9 out of 10. Users should therefore update as soon as possible, as they could otherwise fall victim to hackers. The company stresses, however, that for this to be possible, hackers would need a valid password.

These vulnerabilities are independent

So far, the flaws affect “SD-WAN vBond Orchestrator software, SD-WAN vEdge cloud routers, vEdge SD-WAN routers, vManage SD-WAN software, and SD-WAN vSmart controller software,” according to Cisco.

These software weaknesses are independent: Cisco indicates that “exploitation is not required” of one of the flaws to exploit the other. Similarly, it adds that “a software version that is affected by one of the vulnerabilities may not be affected by the others.”

But what are the reasons for these software weaknesses?

Cisco reports that these flaws are due to incorrect validation “of user input” in “configure device template”, in the tcpdump command, and in the CLI of the Cisco SD-WAN software.

Although they do not depend on each other, they have something in common: they allow the attacker to gain root-level access to the affected system. This makes it easy to read, write, and even delete files on the affected device. In this regard, Cisco indicates:

“Various vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.”

At the moment, “there are no workarounds available” for these command injection vulnerabilities, so the best way to prevent attacks is to follow Cisco’s call and apply the respective updates.
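The root cause described above, user input reaching a command such as tcpdump without proper validation, is normally closed by validating each field against an allow-list and handing the program an argument list instead of a shell string. The Python below is an added example, not Cisco's code; the function name, the accepted fields, and the limits are assumptions chosen for illustration.

```python
import ipaddress
import re

# Interface names: short, alphanumeric plus . _ -, never starting with '-'.
_IFACE_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,14}")
MAX_PACKETS = 10_000  # assumed upper bound for a diagnostic capture


def build_tcpdump_argv(interface, count, host=None):
    """Build a tcpdump argv list from untrusted fields (hypothetical helper).

    Raises ValueError for anything outside the allow-list. The result is meant
    for subprocess.run(argv) with shell=False, so no shell ever parses it.
    """
    if not isinstance(interface, str) or not _IFACE_RE.fullmatch(interface):
        raise ValueError("invalid interface name")
    # Plain digits only: rejects signs, whitespace, booleans and newlines.
    if not re.fullmatch(r"[0-9]{1,5}", str(count)):
        raise ValueError("invalid packet count")
    packets = int(count)
    if not 1 <= packets <= MAX_PACKETS:
        raise ValueError("packet count out of range")
    argv = ["tcpdump", "-n", "-i", interface, "-c", str(packets)]
    if host is not None:
        # IPv6 scope ids ("%...") may carry arbitrary text, so refuse them,
        # then parse the address and emit only its canonical form.
        if not isinstance(host, str) or "%" in host:
            raise ValueError("invalid host address")
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            raise ValueError("invalid host address") from None
        # "--" ends option parsing, so the filter is never read as a flag.
        argv += ["--", "host", str(addr)]
    return argv


if __name__ == "__main__":
    # Constructed sample inputs: two valid requests and two hostile ones.
    for sample in [("eth0", "25", None), ("eth0", "5", "10.0.0.1"),
                   ("eth0; id", "25", None), ("-w", "1", None)]:
        try:
            print("ok      ", build_tcpdump_argv(*sample))
        except ValueError as exc:
            print("rejected", sample, "->", exc)
```

Rejecting values that begin with `-` matters even without a shell, because such a value would otherwise be parsed by the program as an option rather than as data.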

