
Cisco addressed a high-severity OS command injection vulnerability, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution.
Cisco SD-WAN is a cloud-delivered overlay WAN architecture that enables digital and cloud transformation at enterprises; it connects disparate office locations via the cloud.
An authenticated, local attacker can exploit the CVE-2021-1529 vulnerability to execute arbitrary commands with root privileges. CVE-2021-1529 received a CVSS score of 7.8.
The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
Cisco has released software updates to address this flaw. The Cisco PSIRT is not aware of attacks in the wild exploiting this vulnerability. CISA also published a security advisory for this flaw that urges organizations to address this vulnerability.