A weekly recap of pertinent security events you need to be aware of and can read in 7 seconds (or so...)

Using Cisco SD-Wan Products?

Do this: Update your vManage software as soon as possible.
Why: Cisco has released patches for multiple vulnerabilities in their SD-Wan vManage products. The following CVEs have been associated with this vulnerability:

  • CVE-2021-1468: Critical Unauthorized Message-Processing Vulnerability (RCE)
  • CVE-2021-1505: Critical Privilege-Escalation Vulnerability
  • CVE-2021-1508: High-Severity Unauthorized-Access Vulnerability
  • CVE-2021-1506: High-Severity Unauthorized Services-Access Vulnerability
  • CVE-2021-1275: High-Severity Denial-of-Service Vulnerability
Additional Info: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-4TbynnhZ

About the Author

Ryan Bradbury, CISSP, OSCP
Principal Consultant & Cofounder

As a founding partner and principal consultant at SEVN-X, Ryan employs his training, experience, and expertise in helping organizations assess and protect their information security assets as well as respond to cybersecurity events. Ryan’s skillset has been forged from an extensive amount of field work—across various verticals—serving in both strategic and tactical security roles. SEVN-X requires all of its team members to be experts in information security and that starts from the top down.