
Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-1612 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper access controls on files within the local file system. By using a specially-crafted symbolic link, an attacker could exploit this vulnerability to overwrite arbitrary files on the device.
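The bug class behind CVE-2021-1612 is a privileged writer that opens a path in an attacker-writable location without refusing to follow symbolic links: whoever can plant a link there chooses which file actually gets overwritten. The example below, added here and not Cisco's code or a reproduction of the IOS XE SD-WAN flaw, shows the vulnerable open pattern beside the hardened one on a plain POSIX file system. The file and link names and the "protected" file are constructed for the demo; the underlying behaviour (O_NOFOLLOW failing with ELOOP on a symlink) is standard Linux/BSD semantics.

```python
import errno
import os
import tempfile
from pathlib import Path
from typing import Optional


def write_following_symlinks(path: Path, data: str) -> None:
    """Vulnerable pattern: open(..., 'w') resolves symlinks, so a planted link
    silently redirects the write to whatever file the link points at."""
    with open(path, "w") as fh:
        fh.write(data)


def write_nofollow(path: Path, data: str) -> None:
    """Hardened pattern: O_NOFOLLOW makes the open fail with ELOOP when the final
    path component is a symlink, so the write cannot be redirected that way."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def run_demo(workdir: Optional[str] = None) -> dict:
    """Plant a symlink in a scratch directory that points at a protected file,
    then attempt the write with both patterns. Returns what each pattern did."""
    if workdir is None:
        with tempfile.TemporaryDirectory() as tmp:
            return run_demo(tmp)

    # Constructed for the demo: a file the unprivileged user must not be able
    # to modify, and the scratch name a privileged writer expects to use.
    protected = Path(workdir) / "protected.conf"
    protected.write_text("original\n")
    link = Path(workdir) / "scratch.tmp"
    os.symlink(protected, link)  # the attacker-planted link

    write_following_symlinks(link, "attacker\n")
    naive_result = protected.read_text()  # the protected file was overwritten

    protected.write_text("original\n")  # reset, then retry with the hardened writer
    hardened_refused = False
    try:
        write_nofollow(link, "attacker\n")
    except OSError as exc:
        hardened_refused = exc.errno == errno.ELOOP

    return {
        "naive_result": naive_result,
        "hardened_refused": hardened_refused,
        "hardened_result": protected.read_text(),  # unchanged
    }


if __name__ == "__main__":
    print(run_demo())
```

O_NOFOLLOW only protects the final path component; a symlinked parent directory still redirects the write, so the directory itself must not be writable by the lower-privileged party (or the writer should open it by descriptor and use `os.open(..., dir_fd=...)`). When the goal is creating a fresh temporary file rather than overwriting a known one, `O_CREAT | O_EXCL` (or `tempfile.mkstemp`) is the right primitive.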

CVE-2021-34712 

Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper input validation by the web-based management interface. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2021-34729 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of arguments passed to certain CLI commands. By including specially-crafted input in the argument of a command, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges on the underlying operating system.
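CLI command injection of the kind described for CVE-2021-34729 arises when a restricted command splices a user-supplied argument into a shell command line that runs with higher privileges. The example below is added here to illustrate that class; it is not Cisco's code and does not reproduce the IOS XE SD-WAN flaw. The allowlist pattern, the `HELPER` stand-in for a privileged binary, and the sample arguments are all assumptions made for the demo.

```python
import re
import shlex
import subprocess
import sys

# Assumed allowlist for the kind of value an interface or file-name argument
# should hold: a leading alphanumeric (so it can never be parsed as an option
# such as "-rf"), then a bounded run of safe characters.
ARG_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._/\-]{0,63}")

# Stand-in for the privileged helper the CLI command shells out to; it just
# prints its first argument so the effect of each pattern is visible.
HELPER = [sys.executable, "-c", "import sys; print(sys.argv[1])"]


def validate_arg(arg: str) -> bool:
    """True only if the whole argument matches the allowlist."""
    return ARG_RE.fullmatch(arg) is not None


def run_vulnerable(arg: str) -> str:
    """Vulnerable pattern: the user-controlled argument is concatenated into a
    shell command line, so ';', '|', '$(...)' and friends are interpreted."""
    cmd = " ".join(shlex.quote(p) for p in HELPER) + " " + arg
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_hardened(arg: str) -> str:
    """Hardened pattern: reject anything outside the allowlist, then pass the
    argument as its own argv element with no shell in the path."""
    if not validate_arg(arg):
        raise ValueError(f"rejected argument: {arg!r}")
    return subprocess.run(HELPER + [arg], capture_output=True, text=True).stdout


def hardened_rejects(arg: str) -> bool:
    """Convenience for checking that run_hardened refuses an argument."""
    try:
        run_hardened(arg)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "eth0; echo INJECTED"
    print("vulnerable:", repr(run_vulnerable(payload)))  # second command runs
    print("hardened rejects:", hardened_rejects(payload))
    print("hardened ok:", repr(run_hardened("GigabitEthernet1")))
```

Passing argv as a list removes shell interpretation but not option injection, which is why the allowlist also forbids a leading `-`; quoting the argument with `shlex.quote` would fix the shell case alone and is the weaker of the two defences.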

CVE-2021-34703 

Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by improper initialization of a buffer. By sending specially-crafted LLDP frames, an unauthenticated attacker adjacent to the device on the same Layer 2 segment (LLDP frames are link-local and are not forwarded by routers) could exploit this vulnerability to cause the device to crash.
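"Specially-crafted LLDP frames" means TLVs whose types, lengths and order the sender controls; a receiver that trusts those fields before checking them against the bytes actually present is the general shape of an LLDP parsing crash. The example below is an added, defensively written LLDPDU TLV parser plus a constructed sample frame; it is not Cisco's implementation and does not reproduce the buffer-initialization flaw in CVE-2021-34703 (whose trigger is not on this page). The TLV layout is from IEEE 802.1AB: a 16-bit header holding a 7-bit type and 9-bit length, with Chassis ID, Port ID and TTL mandatory in that order and a zero-length End-of-LLDPDU TLV closing the sequence.

```python
from typing import List, Tuple

END_OF_LLDPDU, CHASSIS_ID, PORT_ID, TTL = 0, 1, 2, 3
MANDATORY_ORDER = (CHASSIS_ID, PORT_ID, TTL)


def parse_lldpdu(data: bytes) -> List[Tuple[int, bytes]]:
    """Parse the TLV sequence of an LLDPDU (the payload after EtherType 0x88CC).
    Every declared length is checked against the bytes remaining before any
    value is read, and the mandatory structure is enforced. Raises ValueError
    on anything malformed; returns (type, value) pairs, End TLV excluded."""
    tlvs: List[Tuple[int, bytes]] = []
    offset = 0
    while True:
        if offset + 2 > len(data):
            raise ValueError(f"truncated TLV header at offset {offset}")
        header = int.from_bytes(data[offset:offset + 2], "big")
        tlv_type, length = header >> 9, header & 0x1FF
        offset += 2
        if tlv_type == END_OF_LLDPDU:
            if length != 0:
                raise ValueError("End-of-LLDPDU TLV must have zero length")
            break
        if offset + length > len(data):
            raise ValueError(
                f"TLV type {tlv_type} claims {length} bytes, "
                f"only {len(data) - offset} remain")
        tlvs.append((tlv_type, data[offset:offset + length]))
        offset += length

    types = tuple(t for t, _ in tlvs[:3])
    if types != MANDATORY_ORDER:
        raise ValueError(f"mandatory TLVs missing or out of order: {types}")
    for idx in (0, 1):  # Chassis ID / Port ID: subtype byte + 1..255 bytes of ID
        if not 2 <= len(tlvs[idx][1]) <= 256:
            raise ValueError(f"TLV type {tlvs[idx][0]} has invalid length")
    if len(tlvs[2][1]) != 2:
        raise ValueError("TTL TLV must be exactly 2 bytes")
    return tlvs


def is_malformed(data: bytes) -> bool:
    """True if parse_lldpdu rejects the frame."""
    try:
        parse_lldpdu(data)
    except ValueError:
        return True
    return False


def build_sample_frame() -> bytes:
    """Constructed, well-formed LLDPDU: MAC chassis ID, interface-name port ID,
    120-second TTL. Values are made up for the demo."""
    def tlv(tlv_type: int, value: bytes) -> bytes:
        return ((tlv_type << 9) | len(value)).to_bytes(2, "big") + value

    return (tlv(CHASSIS_ID, b"\x04" + bytes.fromhex("001122334455"))  # subtype 4: MAC
            + tlv(PORT_ID, b"\x05" + b"Gi1/0/1")                       # subtype 5: ifname
            + tlv(TTL, (120).to_bytes(2, "big"))
            + tlv(END_OF_LLDPDU, b""))


if __name__ == "__main__":
    frame = build_sample_frame()
    print(parse_lldpdu(frame))
    print("truncated rejected:", is_malformed(frame[:-5]))
    print("oversized length rejected:", is_malformed(b"\x03\xff" + frame[2:]))
```

Because LLDP is link-local, exposure is limited to interfaces that receive frames from untrusted neighbours; the linked Cisco advisory is authoritative for fixed releases and any supported workaround such as disabling LLDP reception on those interfaces.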

CVE-2021-1546 

Cisco SD-WAN Software could allow a local authenticated attacker to obtain sensitive information, caused by improper protections on file access through the CLI. By sending a specially-crafted CLI command that targets an arbitrary file, an attacker could exploit this vulnerability to obtain information of portions of an arbitrary file, and use this information to launch further attacks against the affected system.

CVE-2021-1615 

Cisco Embedded Wireless Controller Software is vulnerable to a denial of service, caused by improper buffer allocation. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to exhaust available resources, resulting in a denial of service condition.

CVE-2021-34699 

Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by an improper interaction between the web UI and the CLI parser. By requesting a particular CLI command to be run through the web UI, a remote authenticated attacker could exploit this vulnerability to cause the device to reload, resulting in a denial of service condition.

CVE-2021-34723 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper validation of specific CLI command parameters. By sending a specially-crafted command with specific parameters, an attacker could exploit this vulnerability to overwrite the content of the configuration database and gain root-level access to the device.

CVE-2021-1616 

Cisco IOS XE Software could allow a remote attacker to bypass security restrictions, caused by improper data validation of traffic traversing the H.323 application layer gateway (ALG). By sending specially-crafted traffic, an attacker could exploit this vulnerability to bypass the ALG and open connections that would otherwise be denied to a remote device located behind the ALG.

CVE-2021-34696 

Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow a remote attacker to bypass security restrictions, caused by incorrect programming of the hardware when an ACL is configured using a method other than the configuration CLI. By sending specially-crafted traffic, an attacker could exploit this vulnerability to bypass an ACL on the device.

CVE-2021-1621 

Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of certain Layer 2 frames. By sending specially-crafted Layer 2 frames on the segment the router is connected to, a remote attacker could exploit this vulnerability to cause a queue wedge on the interface, resulting in a denial of service condition.

CVE-2021-1589 

Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control to the API endpoints. By sending a specially-crafted request to an API endpoint, an attacker could exploit this vulnerability to obtain the administrative credentials, and use this information to launch further attacks against the affected system.

CVE-2021-1624 

Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of the rate limiting feature within the QuantumFlow Processor. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to drive QuantumFlow Processor utilization to 100 percent, resulting in a denial of service condition.

CVE-2021-34724 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper file system protection and the presence of a sensitive file in the bootflash directory. By overwriting an installer file stored in the bootflash directory with arbitrary commands, an authenticated attacker could exploit this vulnerability to read and write changes to the configuration database with root privileges.

Impact

  • Security Bypass
  • Information Disclosure
  • Command Execution
  • Denial of Service
  • Privilege Escalation

Affected Vendors

  • Cisco

Affected Products

  • Cisco IOS Software
  • Cisco IOS XE Software (including release 17.3)
  • Cisco IOS XE SD-WAN Software
  • Cisco SD-WAN Software
  • Cisco SD-WAN vManage Software
  • Cisco SD-WAN vSmart Controller Software
  • Cisco SD-WAN vBond Orchestrator Software
  • Cisco SD-WAN vEdge Routers
  • Cisco SD-WAN vEdge Cloud Routers
  • Cisco EWC Software for Catalyst APs
  • Cisco Cloud Services Router (CSR) 1000V Series
  • Cisco 1000 Series Integrated Services Routers (ISRs)
  • Cisco 4000 Series ISRs
  • Cisco Integrated Services Virtual (ISRv) Routers
  • Cisco ASR 1000 Series Aggregation Services Routers (ASRs)
  • Cisco ASR 900 and ASR 920 Series Aggregation Services Routers

Remediation

Refer to the Cisco Security Advisories linked below for fixed releases, upgrade paths and any supported workarounds. The affected and fixed release lists differ per advisory, so check each one against the exact IOS, IOS XE or SD-WAN release in the inventory rather than treating the list above as a single cut-off; Cisco's Software Checker can evaluate a given IOS or IOS XE release against all of these advisories at once.

CVE-2021-1612

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm

CVE-2021-34712

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-jOsuRJCc

CVE-2021-34729

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3

CVE-2021-34703

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-dos-sBnuHSjT

CVE-2021-1546

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX

CVE-2021-1615

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewc-dos-g6JruHRT

CVE-2021-34699

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-trustsec-dos-7fuXDR2

CVE-2021-34723

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-arbfileov-MVOF3ZZn

CVE-2021-1616

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-h323alg-bypass-4vy2MP2Q

CVE-2021-34696

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr900acl-UeEyCxkv

CVE-2021-1621

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-quewedge-69BsHUBW

CVE-2021-1589

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-credentials-ydYfskzZ

CVE-2021-1624

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ratenat-pYVLA7wM

CVE-2021-34724

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD