Cisco has released patches to address five security vulnerabilities affecting its routers and software-defined WAN (SD-WAN) management and controller software.
According to Cisco, these bugs, if exploited, could enable threat actors to run commands with root privileges on vulnerable systems.
All five flaws, however, require authentication before they can be exploited by an attacker.
Three of the bugs are rated as "high impact" flaws, affecting Cisco products using SD-WAN software earlier than Release 19.2.2.
The hardware affected by these flaws includes Cisco vBond and vSmart controllers, the vManage Network Management system, the vBond Orchestrator software, as well as various vEdge routers and vEdge cloud router platform.
The most severe of these flaws is CVE-2020-3266, which exists in the Command Line Interface (CLI) of Cisco SD-WAN Solution software. This flaw stems from insufficient input validation in the software and could allow an authenticated, local attacker to run arbitrary commands with root privileges.
The flaw is assigned a CVSS score of 7.8 out of 10.0, making it a high-severity flaw.
It affects following Cisco products if they are using a SD-WAN Solution software earlier than Release 19.2.2:
- vBond Orchestrator Software
- vEdge 100 Series Routers
- vEdge 1000 Series Routers
- vEdge 2000 Series Routers
- vEdge 5000 Series Routers
- vEdge Cloud Router Platform
- vManage Network Management System
- vSmart Controller Software
The second flaw addressed by Cisco in its SD-WAN solution is CVE-2020-3264. It is also a buffer overflow flaw, which arises due to insufficient input validation in the software.
The flaw, assigned a CVSS score of 7.1, could be exploited by sending specially-crafted traffic to a vulnerable device. It could enable local, authenticated attackers to access sensitive information from a vulnerable system and also make changes to it, which they are not authorised to make.
The third high-severity flaw affecting Cisco's SD-WAN Solution is CVE-2020-3265, a privilege escalation bug that can be exploited by sending a crafted request to a vulnerable system.
The flaw, which is issued a CVSS score of 7.0, could allow an authenticated, local attacker to elevate privileges and ultimately gain "root-level" privileges on the underlying OS.
The two medium-impact vulnerabilities fixed by Cisco impact the web user interface of the SD-WAN vManage software.
Cisco said that it is currently not aware of any malicious use of these bugs by threat actors.
Operators are using a new module to target Remote Desktop Protocols
EU's External Action Service claims to have nearly 80 examples of Russia-linked disinformation since 22nd January
Such password managers use weak criteria to find out whether an app is genuine or not
Eighty-five per cent of Microsoft Exchange Servers vulnerable to remote-code execution security flaw patched last month
Organisations warned to patch protect against CVE-2020-0688 as state-backed APTs start targeting vulnerable Exchange Servers
The researchers were able to unlock military files simply by entering 'guest' for the username and password