Joseph Connor

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN Software (affected versions not specified) Cisco SD-WAN vManage Software (affected versions not specified) **Description** A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This issue is due to insufficient handling of malformed MPLS packets. An attacker could exploit this by sending a crafted MPLS packet to an affected device. A successful exploit could allow the attacker to gain unauthorized access to sensitive information. **Recommendations** For Cisco SD-WAN Software, consider disabling the MPLS packet handling function until a patch is available. For Cisco SD-WAN vManage Software, restrict access to the MPLS buffer memory to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable MPLS packet handling function in the affected software until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vEdge Software (affected versions not specified) Description: The issue allows an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN products (affected versions not specified) **Description** Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. The issue is related to errors in processing IP packets passing through the IPsec tunnel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco SD-WAN products (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an authenticated attacker to perform command injection attacks against an affected device. This could enable the attacker to take certain actions with root privileges on the device. The vulnerability is also associated with insufficient input validation in the command-line interface (CLI), which could allow an attacker to impact the confidentiality and integrity of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.