VMware SD-WAN Vulnerabilities – Execute Arbitrary Commands


Multiple security flaws affecting VMware SD-WAN have been addressed, allowing arbitrary commands to be executed on the intended system.

If these vulnerabilities are successfully exploited, enterprises that use VMware SD-WAN to manage their network connections may be exposed to serious threats.

The vulnerabilities tracked as CVE-2024-22246, CVE-2024-22247, and CVE-2024-22248 impact VMware SD-WAN Edge and SD-WAN Orchestrator.

Unauthenticated Command Injection vulnerability – (CVE-2024-22246)

An unauthenticated command injection vulnerability in VMware SD-WAN Edge has the potential to cause remote code execution. 

Document

Run Free ThreatScan on Your Mailbox

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .


VMware determined that the issue has a maximum CVSSv3 base score of 7.4 and falls into the important severity level.

“A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router,” reads the security advisory released by VMware.

This security vulnerability was reported by Saif Aziz (@wr3nchsr) from CyShield.

Missing Authentication and Protection Mechanism vulnerability- (CVE-2024-22247)

There is a vulnerability in the authentication and protection process of VMware SD-WAN Edge.

VMware determined that this problem has a maximum CVSSv3 base score of 4.8, placing it in the Moderate severity range.

During activation, a malicious actor who has physical access to the SD-WAN Edge appliance may be able to exploit this vulnerability and access the BIOS configuration. 

Furthermore, the malicious actor might be able to take advantage of the specified default boot priority.

This security vulnerability was reported by Saif Aziz (@wr3nchsr) from CyShield.

Open redirect vulnerability – (CVE-2024-22248)

An open redirect vulnerability exists in VMware SD-WAN Orchestrator. With a maximum CVSSv3 base score of 7.1, VMware determined that this issue falls into the important severity level.

“A malicious actor may be able to redirect a victim to an attacker-controlled domain due to improper path handling leading to sensitive information disclosure,” the company said.

Fixes Released

VMware SD-WAN Vulnerabilities - Execute Arbitrary Commands

Hence, VMware strongly advises using the available fixes right away if your company uses VMware SD-WAN. 

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide



Source link