Cisco SD-WAN command injection vulnerability could lead to code execution as root

Cisco has fixed a high-severity command injection vulnerability in Cisco IOS XE SD-WAN Software that could lead to code execution as root. The tech giant also released security updates for Analog Telephone Adapter and Web Security Appliance vulnerabilities.

An attacker could exploit these vulnerabilities and potentially take over affected devices.

“The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges,” Cisco warned in the advisory on October 20, 2021.
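The bug class Cisco describes, a CLI argument that is not validated before it reaches an operating-system command, can be illustrated with a small Python wrapper. This is an added example, not Cisco's code and not derived from the advisory: the `ping` command, the hostname allow-list and the `shell_splits_into_commands` helper are assumptions made for illustration only.

```python
"""Command injection in a CLI wrapper: vulnerable pattern beside a hardened one.

Added example, not Cisco code. The wrapped command (ping), the argument
allow-list and the shell-splitting helper are assumptions for illustration.
"""
import re
import shlex
import subprocess
from typing import List


def build_shell_command_vulnerable(host: str) -> str:
    """Vulnerable: untrusted input is pasted into a string a shell will parse.

    Shell metacharacters in `host` (; | & $( ) backticks) let the caller
    append commands that run with the privileges of the wrapper process,
    which on a network device is typically root.
    """
    return f"ping -c 1 {host}"


# Allow-list for the one argument this command accepts: hostname or IPv4
# literal, must start with an alphanumeric so it can never look like a flag.
HOST_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.\-]{0,252}$")


def build_argv_hardened(host: str) -> List[str]:
    """Hardened: validate the argument shape, then pass an argv list.

    No shell ever parses the input, and the `--` ends option parsing so a
    value that slipped past validation could still not become a flag.
    """
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"rejected argument: {host!r}")
    return ["ping", "-c", "1", "--", host]


def is_accepted(host: str) -> bool:
    """True if the hardened builder accepts `host`, False if it rejects it."""
    try:
        build_argv_hardened(host)
        return True
    except ValueError:
        return False


def shell_splits_into_commands(cmd: str) -> List[List[str]]:
    """Approximate what a POSIX shell would execute for `cmd`.

    Simplified: splits only on ';' and then tokenises each part. Real shells
    also honour |, &&, $(...) and backticks, which widen the attack surface.
    """
    return [shlex.split(part) for part in cmd.split(";") if part.strip()]


def run_hardened(host: str) -> int:
    """Execute the hardened form without a shell; returns the exit status."""
    argv = build_argv_hardened(host)
    return subprocess.run(argv, shell=False, check=False).returncode


if __name__ == "__main__":
    # Constructed attacker input: a valid-looking host followed by a second command.
    crafted = "10.0.0.1; id"
    print("vulnerable string :", build_shell_command_vulnerable(crafted))
    print("shell would run   :", shell_splits_into_commands(build_shell_command_vulnerable(crafted)))
    print("hardened accepts? :", is_accepted(crafted))
    print("hardened argv     :", build_argv_hardened("10.0.0.1"))
```

The point the example makes is the one in the advisory text: authentication is not the fix. Once a user can reach the CLI, the only things standing between a crafted argument and a root shell are the argument validation and whether a shell is ever asked to parse user-controlled bytes.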

Cisco confirmed the vulnerability (CVE-2021-1529) affects the following Cisco products when running a vulnerable release of Cisco IOS XE SD-WAN Software:

  • 1000 Series Integrated Services Routers (ISRs)
  • 4000 Series ISRs
  • ASR 1000 Series Aggregation Services Routers
  • Catalyst 8000 Series Edge Platforms
  • Cloud Services Router (CSR) 1000V Series

The vulnerability has a CVSS base score of 7.8 and is rated High severity. Because exploitation requires authenticating to the device first, the practical impact is escalation from a low-privileged CLI user to root on the underlying operating system, not an unauthenticated remote takeover.

Other Cisco patches

Cisco also patched Cisco ATA 190 Series Analog Telephone Adapter Software vulnerabilities (CVE-2021-34710, CVE-2021-34735) and a Web Security Appliance Proxy Service denial of service vulnerability (CVE-2021-34698). The updates were released October 22, 2021.

Cisco also said it is not aware of any publicly known exploits of these vulnerabilities.

Readers can check the Cisco Security Advisories page for a full listing of the latest security updates for all Cisco products.