Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI

Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. Cisco released security updates to address multiple flaws in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices. These vulnerabilities impact devices running the following Cisco SD-WAN Software: IOS XE SD-WAN […]

Cisco Catalyst

Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices.

Cisco released security updates to address multiple flaws in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices.

These vulnerabilities impact devices running the following Cisco SD-WAN Software:

  • IOS XE SD-WAN Software
  • SD-WAN vBond Orchestrator Software
  • SD-WAN vEdge Cloud Routers
  • SD-WAN vEdge Routers
  • SD-WAN vManage Software
  • SD-WAN vSmart Controller Software

The first issue, tracked as CVE-2021-1300, is a Cisco SD-WAN buffer overflow vulnerability that could be exploited by an unauthenticated, remote attacker to trigger a buffer overflow condition.

“A vulnerability in Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition.” reads the security advisory. “A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges.”

The vulnerability stems from the incorrect handling of IP traffic. An attacker can trigger the flaw by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed. The flaw has been rated with a CVSS Base Score of 9.8.

The IT giant said that there are no workarounds that address this vulnerability.

The second flaw addressed by the company is a Cisco SD-WAN buffer overflow vulnerability tracked as CVE-2021-1301.

A flaw resides in the NETCONF subsystem, an authenticated, remote attacker could exploit the vulnerability to trigger a denial of service (DoS) condition on an affected device or system.

The vulnerability is caused by the insufficient input validation of user-supplied input that is read by the system during the establishment of an SSH connection.

“An attacker could exploit this vulnerability by submitting a crafted file to be read by the affected system. A successful exploit could allow the attacker to cause a buffer overflow that could result in a DoS condition on the affected device or system.” states the advisory.

The flaw has been rated with a CVSS Base Score of 6.5, the company said that are no workarounds that address this vulnerability.

Cisco also addressed critical Command Injection vulnerabilities in Smart Software Manager Satellite Web UI.

The flaws, tracked as CVE-2021-1138, CVE-2021-1140, and CVE-2021-1142, affect Cisco Smart Software Manager Satellite releases 5.1.0 and earlier and have been fixed with the release of versions 6.3.0 and later.

“Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.” reads the advisory.

The Cisco Product Security Incident Response Team (PSIRT) is not aware of public announcements or threat actors exploiting the above issues in attacks in the wild.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Cisco)

[adrotate banner=”5″]

[adrotate banner=”13″]