Cisco has recently rolled out fixes for multiple vulnerabilities found in its SD-WAN Solution. These include one critical and numerous high-severity vulnerabilities. Cisco found these vulnerabilities during internal security testing.
Critical Vulnerability Patched In SD-WAN Solution
Reportedly, Cisco has rolled out a fix for a critical security flaw in its SD-WAN Solution. The flaw, which mainly existed in the SD-WAN Solution’s vContainer, could allow an attacker to execute arbitrary code remotely on the target device and cause a DoS condition.
As described in Cisco’s advisory,
“The vulnerability is due to improper bounds checking by the vContainer. An attacker could exploit this vulnerability by sending a malicious file to an affected vContainer instance. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected vContainer, which could result in a DoS condition that the attacker could use to execute arbitrary code as the root user.”
The vulnerability has received CVE number CVE-2019-1651 and has been deemed critical with a CVSS base score of 9.9.
Multiple High-Severity Flaws Also Fixed
The firm has also released fixes for multiple high-severity security flaws in SD-WAN Solution. These include multiple privilege escalation vulnerabilities (CVE-2019-1646) that could let a local attacker modify configuration files by elevating privileges.
The other vulnerabilities receiving fixes include unauthorized access vulnerabilities (CVE-2019-1647) allowing an adjacent attacker to bypass authentication, another privilege escalation vulnerability (CVE-2019-1648) giving root-level privileges to a local attacker, and an arbitrary file overwrite vulnerability (CVE-2019-1650) giving root-level privileges to a remote attacker.
All these vulnerabilities affected Cisco SD-WAN Solution versions before release 18.4.0. Cisco confirmed no exploitation of any of these vulnerabilities in the wild.
In the previous week as well, Cisco announced a critical vulnerability in Small Business Switches that could allow an unauthorized attacker to bypass user authentication. Until now, Cisco has not released any fixes for this vulnerability. Instead, it has simply asked users to keep at least one level 15 privilege account configured so that the default account remains deactivated.