Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Threat Post -

Unauthenticated cyberattackers can also wreak havoc on networking device configurations.

Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products.

The networking giant has released patches for all of them, as part of a comprehensive 32-bug update released this week.

The most severe of the critical bugs is an unauthenticated remote-code-execution (RCE) and denial-of-service (DoS) bug, affecting the Cisco Catalyst 9000 family of wireless controllers.

CVE-2021-34770: RCE and DoS for Wireless Controllers

Boasting a rare 10 out of 10 CVSS vulnerability-severity rating, the issue (CVE-2021-34770) specifically exists in the control and provisioning of wireless access points (CAPWAP) protocol processing used by the Cisco IOS XE software that powers the devices.

“The vulnerability is due to a logic error that occurs during the validation of CAPWAP packets,” Cisco explained in its advisory this week. “An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the

Read More: https://threatpost.com/critical-cisco-bugs-wireless-sd-wan/174991/