PT-2020-3470 · Cisco · Cisco Sd-Wan Solution

Published

2020-07-29

Updated

2021-08-06

CVE-2020-3375

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN Solution Software (affected versions not specified)

Description A buffer overflow issue in Cisco SD-WAN Solution Software is caused by insufficient input validation, allowing an unauthenticated, remote attacker to send crafted traffic to an affected device. This could enable the attacker to gain unauthorized access to information, make unauthorized system changes, and execute commands with root user privileges. The vulnerability can be exploited by a remote attacker, potentially leading to privilege escalation and unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-20

Related Identifiers

BDU:2020-03794

CVE-2020-3375

Affected Products

Cisco Sd-Wan Solution

PT-2020-3470 · Cisco · Cisco Sd-Wan Solution

CVE-2020-3375

Weakness Enumeration

Related Identifiers

Affected Products

References · 4