Paul Giblock

**Name of the Vulnerable Software and Affected Versions** Cisco IOS XE SD-WAN Software (affected versions not specified) Cisco IOS XE Software (affected versions not specified) **Description** A vulnerability in the CLI of the software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This issue is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command, potentially allowing the execution of arbitrary commands with elevated privileges on the underlying operating system. The attacker would need valid user credentials to exploit this vulnerability. **Recommendations** For Cisco IOS XE SD-WAN Software, update to a version that includes the fix for this issue. For Cisco IOS XE Software, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the CLI and limiting the use of affected commands until a patch is available.