SD-WAN Vulnerabilities with Cisco Routers
Cisco has released emergency patches for their SD-WAN routers. Anyone leveraging Cisco management software will need their admin’s to apply these patches as quickly as possible. While these technologies have changed how the WAN works, Patches like these present major risks for organizations. Unfortunately, as organizations become more and more “Sofwared-Defined” or As-a-Service, Vulnerabilities undoubtedly continue to become more prevalent and these types of issues are critical to address.
Warnings about the weaknesses in their offerings three of the five are very vulnerable. The biggest risk would allow attackers access through the commandline interface to inject commands that provide route privileges. Once excluded the attacker will then gain access to a wide array of data that could further compromise the systems.
These vulnerabilities affect the number of Cisco products most of which are leveraging the SD when
Released earlier than 19.2.2. Cisco also announce that there were no workarounds in any vulnerabilities could be a big issue if these pictures are not put in place.
More information can be found on Ciscos website.