CVE-2021-1509: Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities
First published: Thu May 06 2021(Updated: )
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Vedge 100 Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 100 Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 100 Firmware | =19.2.99 | |
| Cisco Vedge 100 | ||
| Cisco Vedge 1000 Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 1000 Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 1000 Firmware | =19.2.99 | |
| Cisco Vedge 1000 | ||
| Cisco Vedge 100b Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 100b Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 100b Firmware | =19.2.99 | |
| Cisco Vedge 100b | ||
| Cisco Vedge 100m Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 100m Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 100m Firmware | =19.2.99 | |
| Cisco Vedge 100m | ||
| Cisco Vedge 100wm Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 100wm Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 100wm Firmware | =19.2.99 | |
| Cisco Vedge 100wm | ||
| Cisco Vedge 2000 Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 2000 Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 2000 Firmware | =19.2.99 | |
| Cisco Vedge 2000 | ||
| Cisco Vedge 5000 Firmware | >=20.4<20.4.1 | |
| Cisco Vedge 5000 Firmware | >=20.5<20.5.1 | |
| Cisco Vedge 5000 Firmware | =19.2.99 | |
| Cisco Vedge 5000 | ||
| Cisco Vedge Cloud Firmware | >=20.4<20.4.1 | |
| Cisco Vedge Cloud Firmware | >=20.5<20.5.1 | |
| Cisco Vedge Cloud Firmware | =19.2.99 | |
| Cisco Vedge Cloud |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1509?
CVE-2021-1509 refers to multiple vulnerabilities in Cisco SD-WAN vEdge Software that could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.
What is the severity of CVE-2021-1509?
CVE-2021-1509 has a severity rating of 7.5 (high).
Which software versions are affected by CVE-2021-1509?
Cisco SD-WAN vEdge Software versions 19.2.99, 20.4, and 20.5 are affected by CVE-2021-1509.
How can an attacker exploit CVE-2021-1509?
An attacker can exploit CVE-2021-1509 by executing arbitrary code as the root user or causing a denial of service (DoS) condition on an affected device.
How can I fix CVE-2021-1509?
To fix CVE-2021-1509, users should upgrade to a fixed version of Cisco SD-WAN vEdge Software, as mentioned in the Cisco Security Advisory.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- vendor/cisco
- canonical/cisco vedge 100 firmware
- version/cisco vedge 100 firmware/20.4
- version/cisco vedge 100 firmware/20.5
- version/cisco vedge 100 firmware/19.2.99
- canonical/cisco vedge 100
- canonical/cisco vedge 1000 firmware
- version/cisco vedge 1000 firmware/20.4
- version/cisco vedge 1000 firmware/20.5
- version/cisco vedge 1000 firmware/19.2.99
- canonical/cisco vedge 1000
- canonical/cisco vedge 100b firmware
- version/cisco vedge 100b firmware/20.4
- version/cisco vedge 100b firmware/20.5
- version/cisco vedge 100b firmware/19.2.99
- canonical/cisco vedge 100b
- canonical/cisco vedge 100m firmware
- version/cisco vedge 100m firmware/20.4
- version/cisco vedge 100m firmware/20.5
- version/cisco vedge 100m firmware/19.2.99
- canonical/cisco vedge 100m
- canonical/cisco vedge 100wm firmware
- version/cisco vedge 100wm firmware/20.4
- version/cisco vedge 100wm firmware/20.5
- version/cisco vedge 100wm firmware/19.2.99
- canonical/cisco vedge 100wm
- canonical/cisco vedge 2000 firmware
- version/cisco vedge 2000 firmware/20.4
- version/cisco vedge 2000 firmware/20.5
- version/cisco vedge 2000 firmware/19.2.99
- canonical/cisco vedge 2000
- canonical/cisco vedge 5000 firmware
- version/cisco vedge 5000 firmware/20.4
- version/cisco vedge 5000 firmware/20.5
- version/cisco vedge 5000 firmware/19.2.99
- canonical/cisco vedge 5000
- canonical/cisco vedge cloud firmware
- version/cisco vedge cloud firmware/20.4
- version/cisco vedge cloud firmware/20.5
- version/cisco vedge cloud firmware/19.2.99
- canonical/cisco vedge cloud