CISCO-SA-SDWAN-PRIVIESC-WCK7BMMT
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco Catalyst SD-WAN Manager |
Exploit Intelligence
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt (circl)
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html (circl)
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#ssu (circl)
- https://www.cisco.com/c/en/us/products/end-user-license-agreement.html (circl)
- https://www.cisco.com/c/en/us/support/index.html (circl)
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes (circl)
- https://www.cisco.com/go/psirt (circl)
- https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html (circl)
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanarbfile-2zKhKZwJ (circl)
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ (circl)
…and 8 more exploits
Timeline
- May 7, 2025 CVE Published
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt advisory
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html url
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#ssu url
- https://www.cisco.com/c/en/us/products/end-user-license-agreement.html url
- https://www.cisco.com/c/en/us/support/index.html url
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes url
- https://www.cisco.com/go/psirt url
- https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanarbfile-2zKhKZwJ url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-fileoverwrite-Uc9tXWH url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-xhN8M5jt url
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-inj-GxVtK6zj url
- https://www.cisco.com/c/en/us/products/routers/sd-wan/eos-eol-notice-listing.html url
- https://www.cisco.com/c/en/us/td/docs/routers/sdwan/release/notes/compatibility-and-server-recommendations.html url
- http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html url
- https://software.cisco.com fix