Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

September 23, 2021

Severity

High

Analysis Summary

CVE-2021-1612 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper access controls on files within the local file system. By using a specially-crafted symbolic link, an attacker could exploit this vulnerability to overwrite arbitrary files on the device.

CVE-2021-34712 

Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper input validation by the web-based management interface. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2021-34729 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of arguments passed to certain CLI commands. By including specially-crafted input in the argument of a command, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges on the underlying operating system.

CVE-2021-34703 

Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by improper initialization of a buffer. By sending specially-crafted LLDP frames, a remote authenticated attacker could exploit this vulnerability to cause the device to crash.

CVE-2021-1546 

Cisco SD-WAN Software could allow a local authenticated attacker to obtain sensitive information, caused by improper protections on file access through the CLI. By sending a specially-crafted CLI command that targets an arbitrary file, an attacker could exploit this vulnerability to obtain portions of the contents of an arbitrary file, and use this information to launch further attacks against the affected system.

CVE-2021-1615 

Cisco Embedded Wireless Controller Software is vulnerable to a denial of service, caused by improper buffer allocation. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to exhaust available resources, resulting in a denial of service condition.

CVE-2021-34699 

Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by an improper interaction between the web UI and the CLI parser. By requesting a particular CLI command to be run through the web UI, a remote authenticated attacker could exploit this vulnerability to cause the device to reload, resulting in a denial of service condition.

CVE-2021-34723 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper validation of specific CLI command parameters. By sending a specially-crafted command with specific parameters, an attacker could exploit this vulnerability to overwrite the content of the configuration database and gain root-level access to the device.

CVE-2021-1616 

Cisco IOS XE Software could allow a remote attacker to bypass security restrictions, caused by improper data validation of traffic that is traversing the ALG. By sending specially-crafted traffic, an attacker could exploit this vulnerability to bypass the ALG and open connections that are not allowed to a remote device located behind the ALG.

CVE-2021-34696 

Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow a remote attacker to bypass security restrictions, caused by incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. By sending specially-crafted traffic, an attacker could exploit this vulnerability to bypass an ACL on the device.

CVE-2021-1621 

Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of certain Layer 2 frames. By sending specially-crafted Layer 2 frames on the segment to which the router is connected, a remote attacker could exploit this vulnerability to cause a queue wedge on the interface, resulting in a denial of service condition.

CVE-2021-1589 

Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control to the API endpoints. By sending a specially-crafted request to an API endpoint, an attacker could exploit this vulnerability to obtain the administrative credentials, and use this information to launch further attacks against the affected system.

CVE-2021-1624 

Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of the rate limiting feature within the QuantumFlow Processor. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to cause the QuantumFlow Processor utilization to reach 100 percent, resulting in a denial of service condition.

CVE-2021-34724 

Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper file system protection and the presence of a sensitive file in the bootflash directory. By overwriting an installer file stored in the bootflash directory with arbitrary commands, an authenticated attacker could exploit this vulnerability to read and write changes to the configuration database with root privileges.

Impact

  • Security Bypass
  • Information Disclosure
  • Command Execution
  • Denial of Service
  • Privilege Escalation

Affected Vendors

  • Google

Affected Products

  • Cisco IOS XE Software 17.3
  • Cisco SD-WAN vManage software
  • Cisco IOS XE Software
  • Cisco IOS XE SD-WAN Software
  • Cisco SD-WAN vEdge Cloud Routers
  • Cisco SD-WAN vBond Orchestrator Software
  • Cisco SD-WAN vEdge Routers
  • Cisco SD-WAN vSmart Controller Software
  • Cisco SD-WAN Software
  • Cisco EWC Software for Catalyst APs
  • Cisco IOS Software Cisco IOS XE Software
  • Cisco Cloud Services Router (CSR) 1000V Series
  • Cisco 1000 Series Integrated Services Routers (ISRs)
  • Cisco 4000 Series ISRs
  • Cisco ASR 1000 Series Aggregation Services Routers (ASRs)
  • Cisco ASR 1000 Series Aggregation Services Routers
  • Cisco 1000 Integrated Services Routers (ISRs)
  • Cisco Integrated Services Virtual (ISRv) Routers
  • Cisco SD-WAN vManage Software

Remediation

Refer to the Cisco Security Advisory listed for each CVE below for patch, upgrade or suggested workaround information.

CVE-2021-1612

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm

CVE-2021-34712

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-jOsuRJCc

CVE-2021-34729

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3

CVE-2021-34703

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-dos-sBnuHSjT

CVE-2021-1546

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX

CVE-2021-1615

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewc-dos-g6JruHRT

CVE-2021-34699

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-trustsec-dos-7fuXDR2

CVE-2021-34723

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-arbfileov-MVOF3ZZn

CVE-2021-1616

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-h323alg-bypass-4vy2MP2Q

CVE-2021-34696

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr900acl-UeEyCxkv

CVE-2021-1621

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-quewedge-69BsHUBW

CVE-2021-1589

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-credentials-ydYfskzZ

CVE-2021-1624

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ratenat-pYVLA7wM

CVE-2021-34724

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD
