CyberNews Briefs

Cisco warns on critical security vulnerabilities in SD-WAN software, so update now

Cisco has warned its users to update networking software immediately due to four severe flaws affecting the Smart Software Manager Satellite, and SD-WAN DNA. SD-WAN has three critical command injection vulnerabilities with a collective score of 9.9 out of 10. Vulnerabilities of this nature require immediate action. According to Cisco, the flaws can be combined to allow an unauthorized threat actor to launch a command injection attack against a compromised device.

The severity rating is also partially due to the impact in which a successful hack exploiting the SD-WAN flaws would have. The attacker would be granted root privileges on the device and be able to take certain actions. This may mean deleting or adding files or documents. The issue affects many different Cisco offerings, such as the SD-WAN vBond Orchestrator Software, vEdge Cloud Routers, and vSmart Controller Software.

Read More: Cisco warns on critical security vulnerabilities in SD-WAN software, so update now

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.