Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow arbitrary code execution.
The bug is an OS command-injection issue, which enables attackers to execute unexpected, dangerous commands directly on the operating system that normally wouldn’t be accessible.
“A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.”
In January, it fixed multiple, critical buffer-overflow and command-injection SD-WAN bugs, the most serious of which could be exploited by an unauthenticated, remote attacker to execute arbitrary code on the affected system with root privileges.
In May, Cisco addressed two critical security vulnerabilities in the SD-WAN vManage Software, one of which could allow an unauthenticated attacker to carry out remote code execution on corporate networks or steal information.
Just last month, Cisco disclosed two critical security vulnerabilities affecting the IOS XE software and its SD-WAN, the most severe of which would allow unauthenticated RCE and denial-of-service.