Citrix has addressed a Critical unauthenticated denial of service (DoS) vulnerability CVE-2021-22955 in ADC and Citrix Gateway products.
Cisco has fixed a High risk Cisco IOS XE SD-WAN Software command injection vulnerability that could allow a hacker to execute code with root privileges. The tech giant also released security updates for Analog Telephone Adapter and Web Security Appliance vulnerabilities.
Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.
Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.
VMware has patched six vulnerabilities that affect VMware SD-WAN Orchestrator. An attacker could exploit this vulnerability and take control of an unpatched system.
Cisco has patched Critical vulnerabilities in VPN Firewall and Router products, as well as High risk bugs in SD-WAN products.
VMware has released a patch for a high severity SQL-injection vulnerability CVE-2020-3973 in VMware SD-WAN by VeloCloud (VeloCloud).
Cisco has released a High severity security update that fixes an IOS XE SD-WAN software command injection vulnerability CVE-2019-16011.
Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.
Security researchers have discovered critical vulnerabilities in Citrix SD-WAN appliance. Hackers could remotely exploit the vulnerabilities without authentication and gain root access.