Cisco SD-WAN Solution Packet Filtering Bypass Vulnerability
Description
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated remote attacker can bypass L3/L4 traffic filters in Cisco SD-WAN Solution by sending a crafted TCP packet, allowing arbitrary packet injection.
Vulnerability
The vulnerability exists in the packet filtering features of Cisco SD-WAN Solution. It is due to improper traffic filtering conditions on an affected device. Affected versions include those before 18.4.4, before 19.2.1, and before 19.3.0 [1].
Exploitation
An unauthenticated, remote attacker can exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. No authentication or user interaction is required [1].
Impact
Successful exploitation allows the attacker to bypass L3 and L4 traffic filters and inject an arbitrary packet into the network, potentially leading to further compromise [1].
Mitigation
Cisco has released fixed versions: 18.4.4 and later, 19.2.1 and later, and 19.3.0 and later. Customers should upgrade to these releases. No workaround is available [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Cisco/Cisco SD-WAN Solutionv5Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-sd-wan-bypassmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.