Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

Vulnerability

A vulnerability exists in the CLI of Cisco Catalyst SD-WAN Manager that could allow an authenticated, local attacker to gain root privileges on the underlying operating system. This issue arises from inadequate input validation. An authenticated attacker with read-only access could exploit this vulnerability by sending a crafted request to the CLI. Successful exploitation would result in elevated privileges on the operating system.

Impact

Exploitation of this vulnerability could lead to unauthorized root access on the underlying operating system.

Remediation

Cisco has released free software updates to address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. Customers without service contracts should contact the Cisco Technical Assistance Center (TAC). This vulnerability is part of a collection of vulnerabilities in Cisco Catalyst SD-WAN Manager, and customers are advised to upgrade to a fixed release. Consult the Cisco Security Advisories page for guidance on exposure and upgrade solutions.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 7.5
exploitability: 3.8
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.