Cisco patches Critical IOS XE and SD-WAN vulnerabilities

Cisco has fixed three Critical risk Cisco IOS XE Software vulnerabilities in multiple network products, as well as three High risk SD-WAN vEdge vulnerabilities.

An attacker could exploit these vulnerabilities and potentially take over affected devices.

IOS XE Software

On September 22, 2021, Cisco addressed one Critical remote code execution (RCE) vulnerability, CVE-2021-34770, in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers.

“A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload, resulting in a DoS condition,” Cisco warned.

This vulnerability carries a CVSS score of 10.0, the highest score possible.

A second Cisco update fixed a Critical IOS XE SD-WAN Software buffer overflow vulnerability, CVE-2021-34727 (CVSS score of 9.8).

“A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition,” Cisco stated.

A third update addressed a Cisco IOS XE Software NETCONF and RESTCONF authentication bypass vulnerability, CVE-2021-1619 (CVSS score of 9.8).

“A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication,” Cisco said.

As a consequence, an attacker could:

  • Install, manipulate, or delete the configuration of an affected device.
  • Cause memory corruption that results in a denial of service (DoS) on an affected device.

SD-WAN vEdge

On September 24, 2021, Cisco also released a High risk security advisory covering three Cisco SD-WAN vEdge Software buffer overflow vulnerabilities (CVE-2021-1509, CVE-2021-1510, and CVE-2021-1511).

If left unpatched, these vulnerabilities could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.

These vulnerabilities impact SD-WAN vEdge Cloud Routers and SD-WAN vEdge Routers.

Readers can also check out Cisco’s security advisories page for more details on the most recent Cisco product vulnerabilities and mitigations.
