Cisco has recently uncovered hidden flaws which if exploited could lead to privileged code execution. These flaws are found within Cisco’s SD-WAN devices which include their vBond and vSmart controllers along with their vManage Network Management system and vBond Orchestrator software. Other devices that are affected by this vulnerability are Cisco’s vEdge routers.
“Cisco has fixed this vulnerability in Cisco SD-WAN Solution software Release 19.2.2.” – Cisco
There were three vulnerabilities that were found, one of which can enable arbitrary code to be run by a privileged user. This vulnerability is known as CVE-2020-3266. This vulnerability is severe; however, it is very difficult to successfully exploit it due to having authenticated access to the devices CLI. This flaw has the security rating of 7.8 out of 10.0 on the CVSS scores.
The next vulnerability that was found goes by the name CVE-2020-3264 which is a buffer overflow vulnerability that was found due to the lack of input validation within Cisco’s software. This vulnerability involves authentication, however, when present and attacker can gain access to information, they should not have access to. This vulnerability is harder to exploit than the previous one mentioned so the CVSS score is 7.1 out of 10.0.
The final vulnerability is a privilege escalation flaw named CVE-2020-3265. This flaw could potentially allow an authenticated attacker to gain root privileges if exploited correctly. This flaw is rated at a 7.0 out of 10.0 in the CVSS scores.