Cisco Fixes Dozens of Vulnerabilities, Including a Critical Severity Issue Impacting the SD-WAN vManage Software


Cisco released fixes for dozens of vulnerabilities this week, including a critical-severity flaw that affects the SD-WAN vManage software.

The critical bug, identified as CVE-2021-1479 with a CVSS score of 9.8, exists due to improper validation of user-supplied input and could enable an attacker to cause a buffer overflow by sending a crafted connection request to SD-WAN vManage’s remote management component.

According to Cisco, an attacker who successfully exploited the security flaw would be able to “run arbitrary code on the underlying operating system with root privileges.”

In SD-WAN vManage, the bug was fixed alongside two high-severity elevation-of-privilege vulnerabilities, each with a CVSS score of 7.8.

The vulnerabilities, which can be exploited by authenticated attackers, could lead to the escalation of privileges to root. IOS XE SD-WAN software, SD-WAN cEdge routers, SD-WAN vBond Orchestrator software, SD-WAN vEdge routers, and SD-WAN vSmart Controller software are all affected, according to Cisco.

There are no workarounds available, according to the company, which has released software updates to fix the flaws. Cisco also says it isn’t aware of any of these vulnerabilities being exploited in the wild.

Cisco also revealed, however, that it will not release fixes for a critical vulnerability in the web-based management interface of the RV110W, RV130, RV130W, and RV215W small business routers, which have entered end-of-life.

The vulnerability, identified as CVE-2021-1459 and triggered by crafted HTTP requests, could be used to execute arbitrary code with root privileges. RV110W Wireless-N VPN firewall, RV130 VPN router, RV130W Wireless-N multifunction VPN router, and RV215W Wireless-N VPN router are all affected by the vulnerability.

“Cisco has not released and will not release software updates to fix the vulnerability identified in this advisory,” says the company. The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have reached the end of their life cycle, according to the company.

Several high-severity flaws in the tech giant’s Small Business RV series routers may be abused to run arbitrary commands, execute code, leak memory, or trigger denial-of-service conditions. Unified Communications Manager (Unified CM) and Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet were also patched for high-risk flaws.

Cisco also issued advisories outlining medium-severity bugs in IOS XR, Webex Meetings for Android, Webex Meetings, Cisco Umbrella, Dual WAN Gigabit VPN routers, Unified Intelligence Center applications, Unified CM, and Unified CM SME.

Further information on each of the vulnerabilities discussed is available on Cisco’s help page.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.