Cisco fixes bug allowing remote code execution with root privileges
Cisco has released security updates to address a critical remote code execution (RCE) vulnerability affecting SD-WAN vManage Software's remote management component.
The critical security flaw, tracked as CVE-2021-1479, received a severity score of 9.8/10. It allows unauthenticated, remote attackers to trigger a buffer overflow on vulnerable devices. "A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges", Cisco explained.
The company also fixed two other high-severity security vulnerabilities in the same product, in the user management (CVE-2021-1137) and system file transfer (CVE-2021-1480) functions, that allow attackers to escalate privileges.
Successful exploitation of these two bugs could allow threat actors to obtain root privileges on the underlying operating system.
The vulnerabilities affect Cisco SD-WAN vManage releases 20.4 and earlier. Cisco has addressed them in the 20.4.1, 20.3.3, and 19.2.4 security updates and advises customers to migrate to a fixed release as soon as possible.
Cisco also disclosed a critical RCE vulnerability (CVE-2021-1459) in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. No security updates will be released since these devices have reached end-of-life.
More information on vulnerabilities and updates is available in the Cisco security advisories – cisco.com.
Source: bleepingcomputer.com
08 April 2021