Buffer overflow vulnerability in Cisco SD-WAN affects thousands of enterprises

Over the past two days Cisco has reported the presence of at least two critical vulnerabilities in SD-WAN software; one of these security flaws would allow authenticated local threat actors to generate a buffer overflow on the vulnerable device.

According to the company’s security alert, this security flaw exists due to insufficient input validation, so a malicious hacker could abuse the vulnerability by sending specially designed traffic to an affected device. Successful exploitation of this vulnerability would allow the threat actor to gain access to sensitive information, as well as make changes to the target system as if they were a high-privileged user.

The flaw affects the following Cisco products as long as they are running a software version of the Cisco SD-WAN Solution prior to Version 19.2.2:

vBond Orchestrator Software
vEdge 100 Series Routers
vEdge 1000 Series Routers
vEdge 2000 Series Routers
vEdge 5000 Series Routers
vEdge Cloud Router Platform
vManage Network Management Software
vSmart Controller Software

In addition, the researchers note that no functional alternative solutions are known at this time to mitigate the risk of exploitation.

After receiving the report, Cisco recognized the presence of the security error and began working on the updates needed for its remediation. Finally, the company released SD-WAN version 19.2.2, which contains the required fixes.

To download the updated version, click Browse All and follow these steps:

For vBond, vEdge Cloud, and vSmart
- Navigate to Routers > Software-Defined WAN (SD-WAN) > SD-WAN > SD-WAN Software Update.
- From the left panel, click 19.2.2 under Latest Release.
- Choose vSmart, vEdge Cloud, and vBond 19.2.2 upgrade image.
For vEdge 100, 1000, and 2000 Series Routers
- Navigate to Routers > Software-Defined WAN (SD-WAN) > vEdge Router > vEdge Router Model.
- From the left panel, click 19.2.2 under Latest Release.
- Choose vEdge 19.2.2 Upgrade Image for vEdge 100b, vEdge 100m, vEdge 1000, vEdge 2000 Routers.
For vManage Network Management Software
- Navigate to Routers > Software-Defined WAN (SD-WAN) > SD-WAN > SD-WAN Software Update.
- From the left panel, click 19.2.2 under Latest Release.
- Choose vManage 19.2.2 upgrade image.

Finally, Cisco assured that no operational cases have been reported in real-world scenarios, although monitoring will continue for an additional period.

Atul Narula

He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.

Buffer overflow vulnerability in Cisco SD-WAN affects thousands of enterprises

Critical Vulnerabilities in Cisco ASA & FTD Exposed! Learn How to Exploit CVE-2024-20353 and CVE-2024-20359

Dual Vulnerabilities in Microsoft SharePoint Server: Essential Steps to Mitigate Vulnerabilities

Exploiting the High-Risk Vulnerabilities in Secure Boot of Most Linux Devices on the Planet

Hackers’ New Target is containerized environments through vulnerabilities in runC

Hacking Android, Linux, macOS, iOS, Windows Devices via Bluetooth using a single vulnerability

110 Million AT&T Customers’ Data leaked: Inside the $370,000 Ransom Payment

How Hackers Stole Taylor Swift Tickets: The Full Ticketmaster Breach Story

Dark Web Sale: AMD’s Confidential Data Leaked – Full Story Revealed!

How Snowflake Hack is Linked to Santander(Spain, Chile, Uruguay) and Ticketmaster Breaches.Are You Affected?

Healthcare Hack Horror: Cyberattacks Leave French Hospitals in Chaos for $10 Million

Hacking the Unhackable: The Story of How CISA Was Breached

The Cloudflare Hack: A Hacker, 5000 Credentials, and Operation Code Red

Comparing CIS v8, CIS AWS Foundations Benchmark v1.5, and PCI DSS v4.0 for CSPM. Which you Should Start With?

MITRE EMB3D Explained: Top Threats to Embedded Devices and How EMB3D Mitigates Them

Google Gemini Under Fire: Critical Security Vulnerabilities You Need to Know to hack Gemini

Cracking SCCM Wide Open: Pentesting System Center Configuration Manager with Misconfiguration Manager

Hacking Windows 10 and 11 with DLL Search Order Hijacking without administrator rights

Hacking SSH Connections by exploiting SSH Protocol Vulnerabilities: Different Terrapin Attack Vectors

Understanding Latest DHCP DNS Vulnerabilities and How DHCP Exploits work in Active Directory

Hacking Bluetooth via MiTM: The BLUFFS Bluetooth attack to hack into Millions of Devices

6 Steps to File Anonymous SEC Complaints Against Data Breachers & Force Them to Pay Fines or Take Action

Inside the Exploit: How Your ChatGPT’s Uploaded Files Could Be Stolen by Prompt Injection Vulnerability

This Google Calendar technique allows to hack into companies without getting detected

This telegram bot is like ChatGPT for scammers to steal money from victims easily

How easy is to bomb someone mobile phone with thousands of SMS messages?

This new DDoS attack prevention technique has a 99% accuracy rate

How to secure Cisco Firepower Threat Defense (FTD) firewalls ?

The Dark Side of PDFs: How Opening a Simple PDF Could Unleash a Cybersecurity Nightmare

Largest soft drink bottle supplier, recycle and plastic manufacturers hacked by ransomware

Visited thesaurus.com in search for Synonyms? You have Coinminer malware infection

How to send malware via Teams, even “Safe Attachments” or “Safe Links” can’t protect you

2 Big Cloud hosting companies shutdown by ransomware and lose all customer data