Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE

Pierluigi Paganini April 08, 2021

Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software.

Cisco has addressed multiple vulnerabilities in Cisco SD-WAN vManage Software that could be exploited by an unauthenticated, remote attacker to execute arbitrary code or by an authenticated, local attacker to gain escalated privileges on vulnerable systems.

The most severe vulnerability is a critical pre-authentication remote code execution (RCE) issue, tracked as CVE-2021-1479, that affects the remote management component of its SD-WAN vManage Software.

The CVE-2021-1479 flaw could be exploited by an unauthenticated, remote attacker to trigger a buffer overflow on vulnerable devices. The issue could be easily exploited in low complexity attacks without user interaction, for this reason, it received a severity score of 9.8/10.

“A vulnerability in a remote management component of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition. The vulnerability is due to improper validation of user-supplied input to the vulnerable component.” reads the advisory published by Cisco. “An attacker could exploit this vulnerability by sending a crafted connection request to the vulnerable component that, when processed, could cause a buffer overflow condition. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges.”

The tech giant also addressed two other high-severity security flaws in the user management and system file transfer functions of the same product, respectively tracked as CVE-2021-1137 and CVE-2021-1480. Both flaws could allow attackers to escalate privileges. Both flaws are due to insufficient input validation, they could be triggered to gain root privileges on the underlying operating system.

The vulnerabilities affect Cisco SD-WAN vManage releases 20.4 and earlier, the company addressed the flaw with the release of 20.4.1, 20.3.3, and 19.2.4 security updates.

Cisco’s Product Security Incident Response Team (PSIRT) confirmed that it is not aware of attacks in the wild exploiting the above vulnerabilities.

In January, Cisco released security updates to address multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices.

One of the issues, tracked as CVE-2021-1300, is a Cisco SD-WAN buffer overflow vulnerability that could be exploited by an unauthenticated, remote attacker to trigger a buffer overflow condition.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Hades ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment