Cisco has released security updates to address a critical pre-authentication remote code execution (RCE) vulnerability affecting SD-WAN vManage Software’s remote management component.
The company fixed two other high-severity security vulnerabilities in the user management (CVE-2021-1137) and system file transfer (CVE-2021-1480) functions of the same product allowing attackers to escalate privileges.
Successful exploitation of these two bugs could allow threat actors targeting them to obtain root privileges on the underlying operating system.
The critical security flaw tracked a CVE-2021-1479 received a severity score of 9.8/10. It allows unauthenticated, remote attackers to trigger a buffer overflow on vulnerable devices in low complexity attacks that don’t require user interaction.
“An attacker could exploit this vulnerability by sending a crafted connection request to the vulnerable component that, when processed, could cause a buffer overflow condition,” Cisco explained.
“A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges.”
The vulnerabilities affect Cisco SD-WAN vManage releases 20.4 and earlier. Cisco has addressed them in the 20.4.1, 20.3.3, and 19.2.4 security updates published today and advises customers to migrate to a fixed release as soon as possible.
Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business
| Affected Cisco SD-WAN vManage releases | First fixed release |
|---|---|
| 18.4 and earlier | Migrate to a fixed release. |
| 19.2 | 19.2.4 |
| 19.3 | Migrate to a fixed release. |
| 20.1 | Migrate to a fixed release. |
| 20.3 | 20.3.3 |
| 20.4 | 20.4.1 |
While CVE-2021-1479 was discovered found by Cisco security researchers during internal security testing, CVE-2021-1137 and CVE-2021-1480 were reported by external researchers.
Cisco’s Product Security Incident Response Team (PSIRT) said that the company is not aware of active exploitation of these vulnerabilities in the wild.
Today, Cisco also disclosed a critical RCE vulnerability (CVE-2021-1459) in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. No security updates will be released since these devices have reached end-of-life.
The company fixed another pre-auth RCE vulnerability (CVE-2021-1300) affecting Cisco SD-WAN Software products in January 2021, enabling attackers to execute arbitrary code with root privileges after exploitation.
Also Read: Data Protection Officer Singapore | 10 FAQs
Two more critical pre-auth bugs found in Cisco SD-WAN software were addressed last year, in July.
Role of Enhanced Access Controls in Safeguarding Personal Data in Telecommunications that every Organisation in…
Effective Incident Response Procedures in Strengthening Data Security that every Organisation in Singapore should know…
Crucial Role of Regular Vulnerability Scanning that every Organisation in Singapore should know. Strengthening Your…
Enhancing Data Security with Multi-Factor Authentication that every Organisation in Singapore should know. Enhancing Data…
Strong Password Policy as a first line of defense against data breaches for Organisations in…
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
This website uses cookies.
