Cisco SD-WAN Software Privilege Escalation Vulnerability
Description
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated low-privileged users can inject arbitrary OS commands via crafted CLI input in Cisco SD-WAN Software, leading to privilege escalation to Administrator.
Vulnerability
A command injection vulnerability exists in the CLI of Cisco SD-WAN Software, affecting products such as SD-WAN vBond Orchestrator, vEdge Cloud Routers, vEdge Routers, vManage, and vSmart Controller running a vulnerable software release. The issue is due to insufficient input validation on certain CLI commands [1]. An authenticated, local attacker with low-privileged access can exploit this by providing crafted input to the CLI.
Exploitation
An attacker must first authenticate to the device as a low-privileged user. The attacker then submits specially crafted input to CLI commands that lack proper input validation [1]. No additional user interaction or network access beyond local terminal or SSH is required.
Impact
Successful exploitation allows the attacker to inject arbitrary commands that are executed with Administrator (root) privileges on the underlying operating system, resulting in full privilege escalation and complete compromise of the device [1].
Mitigation
Cisco has released software updates to address this vulnerability; no workarounds exist [1]. Customers should upgrade to a fixed software version as specified in the advisory for their product. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of publication.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Cisco/Cisco SD-WAN Solutionv5Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPymitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.