CRITICALZero Day
Global
New Cisco SD-WAN Zero-Day Grants Admin Access
·Source: Bank Info Security
Updated:
Executive Summary
Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without auth
Analysis
Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without authentication. The authentication bypass vulnerability stems from a broken peering authentication mechanism.