Unrated severity · NVD Advisory · Published May 6, 2021 · Updated Nov 8, 2024

Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities

CVE-2021-1509

Description

Cisco SD-WAN vEdge Software contains multiple buffer overflow vulnerabilities that could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Multiple buffer overflow vulnerabilities exist in Cisco SD-WAN vEdge Software [1]. The flaws reside in the processing of specific crafted packets. To send the malicious packets, an attacker must be adjacent to the affected device, that is, on the same Layer 2 network. The vulnerable code path is reachable without any prior authentication. Affected versions include all releases prior to the fixed versions noted in the Cisco advisory [1].

Exploitation

An unauthenticated attacker with adjacency to the target device can trigger the buffer overflow by sending a specially crafted packet. No user interaction is required. The attacker does not need any credentials or prior access to the device. The specific sequence involves sending the malicious packet to the affected interface.

Impact

Successful exploitation could allow the attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition. This gives the attacker full control over the device or renders it unavailable, impacting the confidentiality, integrity, and availability of the SD-WAN network.

Mitigation

Cisco has released free software updates to address these vulnerabilities. Customers are advised to upgrade to a fixed version as indicated in the Cisco Security Advisory [1]. No workarounds are mentioned. The advisory does not list these CVEs in the Known Exploited Vulnerabilities (KEV) catalog.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

References

1
