Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

These updates include fixes for three critical vulnerabilities:

• Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability — CVE-2021-34727;

• Cisco IOS XE Software Remote Code Execution Vulnerability — CVE-2021-34770;

• Cisco IOS XE Software Authentication Bypass Vulnerability — CVE-2021-1619.

Cisco has also released patches for high severity and medium severity vulnerabilities impacting Cisco IOS XE, Cisco IOS XE SD-WAN, Cisco SD-WAN, Cisco SD-WAN vManage, Cisco Embedded Wireless Controller products, Cisco Access Points (APs) platforms, multiple Cisco Operating Systems, Cisco ASR 900 and ASR 920 series routers. Details on all of the addressed vulnerabilities are available on Cisco’s security portal – cisco.com.