Main Vulnerability Database Vulnerabilities #VU51706

Buffer overflow in Cisco SD-WAN and Cisco SD-WAN vEdge Routers - CVE-2021-1433

Published: March 24, 2021

Vulnerability identifier: #VU51706

CSH Severity: Critical

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red

CVE-ID: CVE-2021-1433

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco SD-WAN
Cisco SD-WAN vEdge Routers

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing network traffic in the vDaemon process. A remote attacker can send specially crafted packets to the system, trigger memory corruption and execute arbitrary code on the target system with root privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

The following devices are affected by this vulnerability:

1000 Series Integrated Services Routers (ISRs)
4000 Series ISRs
5400 Enterprise Network Compute System with Cisco Integrated Services Virtual Router (ISRv) installed
ASR 1000 Series Aggregation Services Routers
Cloud Services Router 1000V Series

Remediation

Install updates from vendor's website.

Buffer overflow in Cisco SD-WAN and Cisco SD-WAN vEdge Routers - CVE-2021-1433

Description

Remediation

External links

Please verify you're human