Cisco has released another batch of fixes for many of its products, including its SD-WAN and DNA Center solutions, its Email Security Appliance, Security Manager, SOHO routers/firewalls, and more.
Critical flaws
CVE-2019-1625 could allow an authenticated, local attacker to elevate lower-level privileges to the root user on a device running a vulnerable version of the Cisco SD-WAN Solution.
Cisco SD-WAN on a number of Cisco’s vEdge routers, its vBond Orchestrator Software, its vSmart Controller Software, and other products.