High-Severity vulnerability found in Cisco IOS XE SD-WAN Routers
A high-risk severity in the CLI of Cisco Internetworking Operating System (IOS) can allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
Vulnerability is found in the following Cisco products:
- 1000 Series Aggregation Services Routers
- 1000 Series Integrated Services Routers (ISRs)
- 4000 Series ISRs
- Cloud Services Router 1000V Series
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
The flaw(CVE-2019-16011) has a CVSS(Common Vulnerability Scoring System) version 3.0 score of 7.8 out of 10.
Julien Legras and Thomas Etrillard of Synacktiv were credited for reporting the flaw. Fixed releases for Cisco IOS XE SD-WAN are below.
An attacker can exploit this vulnerability by authenticating to the device and submitting crafted input into the CLI. This vulnerability exists due to insufficient input validation. Once the attacker is authenticated to access the CLI utility now with successful exploit the attacker can execute commands with root privileges.