Security updates have been released by Cisco addressing several critical remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software. 

______________________________

A. List of Vulnerabilities

Smart Software Manager Satellite Web UI Command Injection Vulnerabilities

– Allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2021-1138
  • CVE-2021-1139
  • CVE-2021-1140
  • CVE-2021-1141
  • CVE-2021-1142

SD-WAN Command Injection Vulnerabilities

– Allows an authenticated attacker to perform command injection attacks against an affected device, which subsequently allow the attacker to take certain actions with root privileges on the device.

  • CVE-2021-1260
  • CVE-2021-1261
  • CVE-2021-1262
  • CVE-2021-1263
  • CVE-2021-1298
  • CVE-2021-1299

SD-WAN Buffer Overflow Vulnerabilities

– Allows an unauthenticated, remote attacker to execute attacks against an affected device.

  • CVE-2021-1300
  • CVE-2021-1301

DNA Center Command Runner Command Injection Vulnerability

– Allows an authenticated, remote attacker to perform a command injection attack.

  • CVE-2021-1264

______________________________

B. List of Vulnerable Systems/Devices

Vulnerable Cisco SD-WAN and Cisco Smart Software Manager Software are as follows:

  • IOS XE SD-WAN Software
  • SD-WAN vBond Orchestrator Software
  • SD-WAN vEdge Cloud Routers
  • SD-WAN vEdge Routers
  • SD-WAN vManage Software
  • SD-WAN vSmart Controller Software
  • DNA Center Software versions earlier than 1.3.1.0 
  • Smart Software Manager Satellite version 5.1.0 and earlier

______________________________

C. Actions to be Taken

CERT-PH recommends the following actions be taken:

Immediately test and apply the corresponding patched versions of the affected Cisco product:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-cmdinjm-9QMSmgcn
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-cmdinj-erumsWh9
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-multici-pgG5WM5A
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj