Cisco IOS XE SD-WAN Software
cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*
- >= 16.9.1, <= 16.9.4
- >= 16.10.1, <= 16.10.5
- 16.11.1a
- >= 16.12.2r, <= 16.12.4
A vulnerability exists in the packet filtering capabilities of Cisco IOS XE SD-WAN Software, allowing an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This issue arises from improper traffic filtering conditions on affected devices. Exploitation involves sending a crafted packet to the device, which can then bypass the standard traffic filters and inject the packet into the network. The vulnerability affects Cisco IOS XE Software releases 17.2.1r and later in Controller mode, as well as specific standalone IOS XE SD-WAN releases. Cisco IOS XE cEdge Routers with SNMP enabled on the tunnel 0 interface are also vulnerable.
Exploitation of this vulnerability allows for bypassing Layer 3 and Layer 4 traffic filters, enabling the injection of crafted packets into the network.
Cisco has released software updates to address this vulnerability. Workarounds include configuring an extended access control list (ACL) to manage specific traffic or implementing a device access policy to block unsolicited SNMP traffic. For information on which Cisco software releases were vulnerable at the time of publication, see the 'Fixed Software' section of the advisory.