Improper Verification of Cryptographic Signature in Cisco SD-WAN vEdge Routers and Cisco SD-WAN vManage

#VU51232 Improper Verification of Cryptographic Signature in Cisco SD-WAN vEdge Routers and Cisco SD-WAN vManage

Published: 2021-03-04

Vulnerability identifier: #VU51232

Vulnerability risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1461

CWE-ID: CWE-347

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco SD-WAN vEdge Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco SD-WAN vManage
Other software / Other software solutions

Vendor:

Description

The vulnerability allows a remote user to compromise the target system.

The vulnerability exists due to improper verification of digital signatures for patch images. A remote administrator can use an unsigned software patch to bypass signature checks and boot a malicious software patch image.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper Verification of Cryptographic Signature in Cisco SD-WAN vEdge Router and Cisco SD-WAN vManage