Cisco has released another batch of fixes for many of its products, including its SD-WAN and DNA Center solutions, its Email Security Appliance, Security Manager, SOHO routers/firewalls, and more.
CVE-2019-1625 could allow an authenticated, local attacker to elevate lower-level privileges to the root user on a device running a vulnerable version of the Cisco SD-WAN Solution.
Cisco SD-WAN on a number of Cisco’s vEdge routers, its vBond Orchestrator Software, its vSmart Controller Software, and other products. No workarounds are available to mitigate the risk, so users are advised to upgrade to v18.4.1 of the software, which will also fix:
- Another (remotely exploitable) privilege escalation vulnerability (CVE-2019-1626) and
- A command injection flaw (CVE-2019-1624).
CVE-2019-1848 affects Cisco Digital Network Architecture (DNA) Center, a dedicated physical appliance for managing and controlling enterprise networks based on the Cisco DNA.
The vulnerability could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. It affects Cisco DNA Center Software releases prior to 1.3.
None of these flaws is known to be exploited in the wild.
Less urgent fixes
Owners of Cisco’s wireless VPN firewall and routers (RV110W, RV130W, and RV215W) for homes and small offices are also urged to update to close a high-risk DoS vulnerability in the devices’ web-based management interface (CVE-2019-1843) and three additional flaws of medium severity.
These three devices are often targeted by attackers, but luckily this time, the flaws are not that serviceable to most attackers and no PoC exploit code is available.
Most of the other vulnerabilities fixed in this batch od updates are medium risk, so users can take their time implementing them.
Owners and administrators of Cisco equipment and solutions can peruse the companies latest security advisories here.