New Cisco SD-WAN Routers vulnerabilities are treasure for hackers

As every week, Cisco security testing course experts announced updates for products affected by security vulnerabilities. This time, a severe vulnerability was fixed in your router software that could be exploited by a local threat actor and authenticated to execute arbitrary commands with root privileges.

The failure exists in Cisco IOS XE. This Linux-based operating system version is used on Cisco software-defined wide area network (SD-WAN) routers. Affected routers include Aggregation Services Router (ASR) 1000 models, 1000 Integrated Services Routers (ISRs), ISR 4000 models, and 1000V cloud service router models.

This failure exists in the Cisco IOX XE Command Line Interface Utility (CLI), used for the network configuration of routers. This CLI does not properly validate input commands, so a threat actor could take advantage of this condition to authenticate to the device and send a specially crafted entry to the CLI. According to security testing course experts, there are no reports of any attempt to exploit this vulnerability in real-world scenarios.

It is worth mentioning that the attacker must have authentication on the system to access the CLI utility; exploiting this flaw could allow the malicious hacker to execute commands with root privileges. The vulnerability was identified as CVE-2019-1600 and has a score of 7.8/10 on the Common Vulnerability Scoring System (CVSS) scale, so it is considered a severe drawback. 

Cisco IOS XE software has recently introduced multiple security issues. In early March, Cisco released 24 patches related to various vulnerabilities in the IOS XE operating system. In early 2020, the company also released some fixes for another technical issue considered severe in the Cisco IOS web UI and Cisco IOS XE Software.

According to security testing course experts, Cisco also fixed a high-severity vulnerability in IOS XE, which could allow a remote attacker to reconfigure or execute commands on the affected devices. And in August, a critical remote authentication bypass vulnerability was found, with the highest possible severity level of 10 out of 10 on the CVSS scale, in the Cisco REST REST API Virtual Services container for Cisco IOS XE software.

For further reports on vulnerabilities, exploits, malware variants and computer security risks you can access the Website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.