Recent updates to Cisco’s SD-WAN and Cloud License Manager products have been released to address remotely exploitable buffer overflow and command injection vulnerabilities. The following SD-WAN products are vulnerable to CVE-2021-1300 and CVE-2021-1301:
- IOS XE SD-WAN Software
- SD-WAN vBond Orchestrator Software
- SD-WAN vEdge Cloud Routers
- SD-WAN vEdge Routers
- SD-WAN vManage Software
- SD-WAN vSmart Controller Software
CVE-2021-1138, CVE-2021-1140, and CVE-2021-1142 affect versions 5.1.0 and below of Cisco Smart Software Manager Satellite. Newer versions of this software have been renamed to Cisco Smart Software Manager On-Prem.
All of the vulnerabilities listed above were found by Cisco through internal testing and no evidence of exploitation of these vulnerabilities in the wild has been found.
Analyst Notes
Cisco has provided a helpful table in their security advisory for which SD-WAN updates to apply for each product. Cisco Smart Software Manager Satellite has been renamed to Cisco Smart Software Manager On-Prem and addresses the command injection vulnerabilities with version 6.3.0. Binary Defense highly recommends administrators update these products as soon as possible.
Source: https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-bugs-in-sd-wan-cloud-license-manager/
