Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.5 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the Cisco Catalyst SD-WAN Manager, allowing authenticated local attackers to overwrite arbitrary files on the device. Immediate software updates are recommended as there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the command-line interface (CLI) of the Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage) could allow an authenticated local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability arises from improper access controls on files in the local file system. An attacker with valid read-only credentials can exploit this by executing crafted commands, potentially gaining root user privileges.

Affected products 🖥️

The vulnerability specifically affects the Cisco Catalyst SD-WAN Manager. For detailed information on which software releases are vulnerable, please refer to the Fixed Software section of the advisory.

Fixed software 🔧

Upgrade to at least the first fixed release in your train (or later):

Product / Release Train | First Fixed Release        | Notes
ISE / ISE-PIC 20.12     | 20.12.5                    |
ISE / ISE-PIC 20.15     | Migrate to a fixed release. |
ISE / ISE-PIC 20.16     | 20.16.1                    |
ISE / ISE-PIC 1.1       |                            | Updated fixed release information for releases 20.9 and earlier.
ISE / ISE-PIC 1.0       |                            | Initial public release.

Workarounds 🧯

There are no workarounds available to mitigate this vulnerability.

Risk in context 🎯

The vulnerability has a CVSS score of 5.5, categorized as medium severity. While it requires local access and valid credentials, the potential for an attacker to gain root privileges makes it a risk that should not be overlooked. Organizations using affected versions of the Cisco Catalyst SD-WAN Manager should prioritize applying the necessary updates.

Fast facts ⚡

  • Vulnerability: Arbitrary File Overwrite
  • CVSS Score: 5.5 (Medium)
  • Affected Product: Cisco Catalyst SD-WAN Manager
  • Exploitation: Requires local access and valid read-only credentials.
  • Workarounds: None available.

For leadership 🧭

This advisory highlights a significant security vulnerability in a critical network management tool. It is essential for leadership to ensure that IT teams are aware of this vulnerability and take immediate action to apply the necessary software updates. Regularly reviewing and updating security protocols can help mitigate risks associated with vulnerabilities like this one.