MY BRAND BOOK Cisco hits another SD-WAN bug

Cisco hits another SD-WAN bug

By MYBRANDBOOK

Cisco has patched a high-severity vulnerability affecting routers running the company’s popular SD-WAN software. The vulnerability is caused by insufficient input validation stemming from the command line interface (CLI) of Cisco’s IOS XE SD-WAN software. If exploited, the bug could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.

The vulnerability affects several routers running the software including both 1000 series Aggregation and Integrated Services Routers (ISR), 4000 series ISRs, and Cloud Services Router 1000v Series.

Cisco reports, “An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility”. However, the company notes that the attacker would have had to be authenticated to access the CLI utility.

Cisco has also confirmed that the bug does not affect its IOS, IOS XE, vBond, vEdge, vManage, or vSmart software suites. While Cisco says it is not aware of any malicious use of the vulnerability, with 20,000 customers around the world using Cisco’s Viptela and Meraki SD-WAN offerings, the vulnerability remains notable.

The latest bug comes after the company patched three high-impact and two medium-impact vulnerabilities affecting its routers and SD-WAN management, orchestration, and controller software, in late March.

Similar to this week’s patch, the first two bugs would have allowed an authenticated, local attacker to gain root-level privileges on the operating system. The third high-impact bug would have allowed a local attacker to trigger a buffer overflow on an effected device in order to gain control.

The medium-impact vulnerabilities were discovered in Cisco’s SD-WAN vManage web user interface, which would have allowed an attacker to conduct a cross-site scripting attack against the user. The second medium-threat bug would have enabled SQL injection attacks on the affected system.

BREAKING NEWS

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

TECHNO TRENDS

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

E-Magazine

TECHNOTAINMENT

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech

MOVERS & SHAKERS

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s

OPEN YOUR EYES

Urgency In Refuelling Digital Transformation For Customizing Needs

Modernize the IT Strategy To Navigate COVID-19 and Beyond

India is the fastest growing digital economies, Shaping Towards the New Normal

Business continuity is the most valuable asset for financial institutions

COVID-19 Brings Opportunity For Businesses To Tide Over The Current Crisis

INTERVIEWS

Alpha Max offers high end solutions in the network space to en

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

A good amount of R&D works and global support services are operated out of

Delivering Critical Business Communication Solutions to Enterp

Arya Omnitalk and Syntel’s comprehensive suite of solutions and more than

HOT PICK

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t

MAKE IN INDIA BRANDS

NETWEB TECHNOLOGIES INDIA LTD.

ACER INDIA PVT. LTD.

LUMINOUS POWER TECHNOLOGIES PVT. LTD.

TECHROUTES NETWORK PRIVATE LIMITED

EMINENT CIO'S OF INDIA

STRATEGIC FRAMEWORK FOR SUSTAINABLE BUSINESS EXPANSION IS PATHWAY TO PROSPERITY

Accelerate the adoption of AI and machine learning...

AI TO IMPROVE INSIGHTS THROUGH AUGMENTED ANALYTICS, WHILE EDGE COMPUTING TO ALLOW REAL-TIME PROCESSING

For the fiscal year 2024-25, our organization has ...

HARNESSING THE POWER OF BIG DATA TO GAIN VALUABLE INSIGHTS

A Technology certainly drives innovation and busin...

ICONS OF INDIA

ICONS OF INDIA : SANDIP PATEL

Sandip Patel is the Managing Director for IBM India & South Asia regio...

ICONS OF INDIA : RAJESH NAMBIAR

Rajesh leads the company’s India associates and enhances relationshi...

ICONS OF INDIA : SACHIN BANSAL

Sachin Bansal is an Indian entrepreneur. He is best known as the found...

PARTNER SPEAKERS

"WE BELIEVE IN FOSTERING COLLECTIVE GROWTH"

These insights inform strategic adjustments, improvements and ensuring communi...

Innovation, Technology and Partnerships Continue To Be The Cornerstone Of Growth

IT distribution is undergoing a significant transformation. As technology evol...

Innovation, alliances, client trust and team: Key Drivers of Success

Digital transformation is indeed a critical area. Intensity Global focuses on ...

PSU

CSC - Common Service Centres

CSC initiative in India is a strategic cornerstone of the Digital Indi...

BEL - Bharat Electronics Limited

BEL is an Indian Government-owned aerospace and defence electronics co...

NIC - National Informatics Centre

NIC serves as the primary IT solutions provider for the government of ...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024 : Samsung Electronics Co. Ltd.

Samsung invests heavily in marketing campaigns to promote...

Most Trusted Brands 2024 : Salesforce Inc.

Salesforce prioritizes customer success and satisfaction, focusing on building...

Most Trusted Brands 2024 : Oracle Corporation

Oracle focuses on secure enterprise software, and cloud solutions to build str...

Global Indian industry

Indian Tech Talent Excelling The Tech World - JAY CHAUDHRY, CEO – Zscaler

Jay Chaudhry, an Indian-American technology entrepreneur, is the CEO a...

Indian Tech Talent Excelling The Tech World - NIKESH ARORA, Chairman CEO - Palo Alto Networks

Nikesh Arora, the Chairman and CEO of Palo Alto Networks, is steering ...

Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi

Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation�...

ITFORUM 2025

STARNITE AWARDS 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY