Cisco has patched Critical vulnerabilities in VPN Firewall and Router products, as well as High risk bugs in SD-WAN products.
VMware has released a patch for a high severity SQL-injection vulnerability CVE-2020-3973 in VMware SD-WAN by VeloCloud (VeloCloud).
Cisco has released a High severity security update that fixes an IOS XE SD-WAN software command injection vulnerability CVE-2019-16011.
Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.
Security researchers have discovered critical vulnerabilities in Citrix SD-WAN appliance. Hackers could remotely exploit the vulnerabilities without authentication and gain root access.
Cisco released a security update to fix a critical vulnerability in the vContainer of the Cisco SD-WAN Solution. A remote authenticated attacker could cause a denial of service (DoS) condition and execute arbitrary code as the root user.