CVE-2021-1509: Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities
First published: Thu May 06 2021(Updated: )
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco vEdge-1000 Firmware | >=20.4<20.4.1 | |
| Cisco vEdge-1000 Firmware | >=20.5<20.5.1 | |
| Cisco vEdge-1000 Firmware | =19.2.99 | |
| Cisco vEdge 100 Router | ||
| Cisco vEdge-1000 Firmware | >=20.4<20.4.1 | |
| Cisco vEdge-1000 Firmware | >=20.5<20.5.1 | |
| Cisco vEdge-1000 Firmware | =19.2.99 | |
| Cisco vEdge 1000 Router | ||
| Cisco vEdge 100b Firmware | >=20.4<20.4.1 | |
| Cisco vEdge 100b Firmware | >=20.5<20.5.1 | |
| Cisco vEdge 100b Firmware | =19.2.99 | |
| Cisco vEdge 100b Firmware | ||
| Cisco vEdge 100M Firmware | >=20.4<20.4.1 | |
| Cisco vEdge 100M Firmware | >=20.5<20.5.1 | |
| Cisco vEdge 100M Firmware | =19.2.99 | |
| Cisco vEdge 100m router | ||
| Cisco vEdge 100WM Firmware | >=20.4<20.4.1 | |
| Cisco vEdge 100WM Firmware | >=20.5<20.5.1 | |
| Cisco vEdge 100WM Firmware | =19.2.99 | |
| Cisco vEdge 100wm router | ||
| Cisco vEdge-2000 Firmware | >=20.4<20.4.1 | |
| Cisco vEdge-2000 Firmware | >=20.5<20.5.1 | |
| Cisco vEdge-2000 Firmware | =19.2.99 | |
| Cisco vEdge 2000 router | ||
| Cisco vEdge-5000 firmware | >=20.4<20.4.1 | |
| Cisco vEdge-5000 firmware | >=20.5<20.5.1 | |
| Cisco vEdge-5000 firmware | =19.2.99 | |
| Cisco vEdge-5000 firmware | ||
| Cisco vEdge Cloud Firmware | >=20.4<20.4.1 | |
| Cisco vEdge Cloud Firmware | >=20.5<20.5.1 | |
| Cisco vEdge Cloud Firmware | =19.2.99 | |
| Cisco vEdge Cloud |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1509?
CVE-2021-1509 refers to multiple vulnerabilities in Cisco SD-WAN vEdge Software that could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.
What is the severity of CVE-2021-1509?
CVE-2021-1509 has a severity rating of 7.5 (high).
Which software versions are affected by CVE-2021-1509?
Cisco SD-WAN vEdge Software versions 19.2.99, 20.4, and 20.5 are affected by CVE-2021-1509.
How can an attacker exploit CVE-2021-1509?
An attacker can exploit CVE-2021-1509 by executing arbitrary code as the root user or causing a denial of service (DoS) condition on an affected device.
How can I fix CVE-2021-1509?
To fix CVE-2021-1509, users should upgrade to a fixed version of Cisco SD-WAN vEdge Software, as mentioned in the Cisco Security Advisory.
- agent/type
- agent/author
- agent/title
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco vedge-1000 firmware
- version/cisco vedge-1000 firmware/20.4
- version/cisco vedge-1000 firmware/20.5
- version/cisco vedge-1000 firmware/19.2.99
- canonical/cisco vedge 100 router
- canonical/cisco vedge 1000 router
- canonical/cisco vedge 100b firmware
- version/cisco vedge 100b firmware/20.4
- version/cisco vedge 100b firmware/20.5
- version/cisco vedge 100b firmware/19.2.99
- canonical/cisco vedge 100m firmware
- version/cisco vedge 100m firmware/20.4
- version/cisco vedge 100m firmware/20.5
- version/cisco vedge 100m firmware/19.2.99
- canonical/cisco vedge 100m router
- canonical/cisco vedge 100wm firmware
- version/cisco vedge 100wm firmware/20.4
- version/cisco vedge 100wm firmware/20.5
- version/cisco vedge 100wm firmware/19.2.99
- canonical/cisco vedge 100wm router
- canonical/cisco vedge-2000 firmware
- version/cisco vedge-2000 firmware/20.4
- version/cisco vedge-2000 firmware/20.5
- version/cisco vedge-2000 firmware/19.2.99
- canonical/cisco vedge 2000 router
- canonical/cisco vedge-5000 firmware
- version/cisco vedge-5000 firmware/20.4
- version/cisco vedge-5000 firmware/20.5
- version/cisco vedge-5000 firmware/19.2.99
- canonical/cisco vedge cloud firmware
- version/cisco vedge cloud firmware/20.4
- version/cisco vedge cloud firmware/20.5
- version/cisco vedge cloud firmware/19.2.99
- canonical/cisco vedge cloud