CVE-2019-1625 Cisco SD-WAN Solution Privilege Escalation Vulnerability – Jun 2019

Preface: Add the Viptela SD-WAN technology to the IOS XE software running the ISR/ASR routers. Both Cisco ASR and ISR routers offer secure WAN connectivity.

Vulnerability details: A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device.

Root Cause Analysis: Remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. An attacker could exploit this vulnerability by modifying the “save command in the Command Line Interface (CLI) of an affected device.

Impact: A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user .

Reference: To save the user preferences class to an XML file simply create an XML Writer and invoke the Serialize method.

Remedy: Cisco has released free software updates that address the vulnerability described in this advisory. Please refer to url – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-sdwan-privesca