The U.S. CISA agency has updated its catalog of actively exploited vulnerabilities, known as the KEV. This time, it incorporated eight new security flaws that are being attacked in real-world environments. Three critical vulnerabilities present in Cisco Catalyst SD-WAN Manager, a central component for managing software-defined networks, stand out in particular.
Analysis of the Vulnerabilities in SD-WAN Manager 🕵️
The three flaws in Cisco Catalyst SD-WAN Manager allow a remote attacker to execute arbitrary code or elevate privileges without authentication. They are classified as critical due to their ease of exploitation and high impact. The identifiers are CVE-2024-20353, CVE-2024-20359, and CVE-2024-20360. Cisco has already released patches, so the priority action is to apply these updates immediately to mitigate the risk of compromise.
Your SD-WAN seems to prefer hackers, it seems 😏
It's curious how some management systems, designed to centralize control and security, become the perfect entry point for attackers. Your software-defined network can now also define who accesses everything. Cisco, with its usual diligence, already has the patches ready. Now all that's left is for someone in your company to find the maintenance window, convince the systems manager, and cross their fingers that nothing fails. A process as agile as always.