The Cisco SD-WAN security problems were part of 23 security advisories Cisco announced on Jan. 23 Credit: Getty Images Cisco has patched security vulnerabilities in four packages of SD-WAN Solution software that address buffer overflow, arbitrary file override and privilege access weaknesses that could have led to denial-of-service attacks or access problems. The first patch, called “Critical” by Cisco, fixes a vulnerability in the vContainer of the Cisco SD-WAN Solution that could let an authenticated, remote attacker cause a denial of service (DoS) and execute arbitrary code as the root user, the company wrote in a security advisory. This vulnerability touches Cisco vSmart Controller Software running a release of the Cisco SD-WAN Solution prior to Release 18.4.0. “The vulnerability is due to improper bounds checking by the vContainer. An attacker could exploit this vulnerability by sending a malicious file to an affected vContainer instance,” Cisco stated. The twist here is that customer must request the fix from Cisco to get it. “There is no fixed software for Cisco customers to download and deploy for this vulnerability. Customers must engage their Cisco support contact to ensure the deployment of the latest software fix.” {UPDATE: Cisco says it has updated this advisory to let customers know the fixed software has already been deployed by Cisco for this vulnerability. There is no action customers need to take. Cisco SD-WAN Solution Buffer Overflow Vulnerability (CVE-2019-1651) Cisco SD-WAN Solution Unauthorized Access Vulnerability (CVE-2019-1647).] The second SD-WAN-related patch is again for Cisco SD-WAN Solution software. The “High” impact alert that could let an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. An attacker could exploit this vulnerability by modifying the “save” command in the Command Line Interface (CLI) of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user, Cisco wrote in its security advisory. The weakness impacts the following Cisco products running a release of the Cisco SD-WAN Solution prior to Release 18.4.0: vBond Orchestrator Software vEdge 100 Series Routers vEdge 1000 Series Routers vEdge 2000 Series Routers vEdge 5000 Series Routers vEdge Cloud Router Platform vManage Network Management Software vSmart Controller Software A third security weakness affecting the same group of SD-WAN Solution products could let an authenticated, local attacker gain root-level privileges and take full control of the device. “The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system,” Cisco wrote. Also, in that same group of products, Cisco warned of “multiple” vulnerabilities in the local CLI of the Cisco SD-WAN Solution could let an authenticated, local attacker to escalate privileges and modify device configuration files. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device, Cisco wrote. “The vulnerabilities exist because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit these vulnerabilities by sending crafted commands to the CLI of an affected device,” Cisco stated. Cisco says there are free updates available to fix the three high-priority SD-WAN vulnerabilities. Cisco Product Security Incident Response Team said it wasn’t aware of any actual malicious use of the vulnerabilities. The SD-WAN security problems were part of 23 flaws Cisco announced on Jan. 23. Others included vulnerabilities in Cisco WebEx and FirePower firewalls. Related content analysis HPE Aruba boosts Wi-Fi 7 AP capacity, eases IoT network management New 700 series Wi-Fi 7 access points from HPE Aruba offer faster performance, improved IoT and location capabilities, and twice as much SDRAM and flash memory for local data processing. By Michael Cooney Apr 23, 2024 4 mins Wi-Fi Network Security Networking brandpost Sponsored by Zscaler Legacy firewalls and VPNs still not up to par when stopping attacks Zero trust leaves the weaknesses of perimeter-based, network-centric, firewall-and-VPN architectures in the past. By Zscaler Apr 23, 2024 6 mins Network Security news Networking among tech roles forecast for growth in 2024 In the U.S., tech occupation employment is projected to increase by 203,125 jobs, or 3.5%, in 2024, according to CompTIA. By Denise Dubie Apr 23, 2024 3 mins Certifications IT Jobs IT Skills news European trade body lashes out at Broadcom’s VMware licensing changes CISPE said the economic viability of many cloud services utilized by customers in Europe is threatened by “the massive and unjustifiable hikes in prices, the re-bundling of products, the altered basis of billing.” By Prasanth Aby Thomas Apr 23, 2024 5 mins Technology Industry Cloud Computing PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe