Security updates have been released by Cisco addressing several critical remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software.
______________________________
A. List of Vulnerabilities
Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
– Allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.
- CVE-2021-1138
- CVE-2021-1139
- CVE-2021-1140
- CVE-2021-1141
- CVE-2021-1142
SD-WAN Command Injection Vulnerabilities
– Allows an authenticated attacker to perform command injection attacks against an affected device, which subsequently allow the attacker to take certain actions with root privileges on the device.
- CVE-2021-1260
- CVE-2021-1261
- CVE-2021-1262
- CVE-2021-1263
- CVE-2021-1298
- CVE-2021-1299
SD-WAN Buffer Overflow Vulnerabilities
– Allows an unauthenticated, remote attacker to execute attacks against an affected device.
- CVE-2021-1300
- CVE-2021-1301
DNA Center Command Runner Command Injection Vulnerability
– Allows an authenticated, remote attacker to perform a command injection attack.
- CVE-2021-1264
______________________________
B. List of Vulnerable Systems/Devices
Vulnerable Cisco SD-WAN and Cisco Smart Software Manager Software are as follows:
- IOS XE SD-WAN Software
- SD-WAN vBond Orchestrator Software
- SD-WAN vEdge Cloud Routers
- SD-WAN vEdge Routers
- SD-WAN vManage Software
- SD-WAN vSmart Controller Software
- DNA Center Software versions earlier than 1.3.1.0
- Smart Software Manager Satellite version 5.1.0 and earlier
______________________________
C. Actions to be Taken
CERT-PH recommends the following actions be taken:
Immediately test and apply the corresponding patched versions of the affected Cisco product:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-cmdinjm-9QMSmgcn
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-cmdinj-erumsWh9
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-multici-pgG5WM5A
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj