TL;DR 📌

A vulnerability in Cisco SD-WAN vEdge Software could allow unauthenticated remote attackers to bypass access control lists (ACLs) on affected devices. This vulnerability has a medium severity rating (CVSS 5.8). Cisco has released fixed software and workarounds are available.

What happened 🕵️‍♂️

A vulnerability has been identified in the access control list (ACL) processing of IPv4 packets within Cisco SD-WAN vEdge Software. This flaw allows an unauthenticated remote attacker to bypass configured ACLs due to improper enforcement of the implicit deny rule at the end of an ACL. By exploiting this vulnerability, attackers can send unauthorized traffic to an affected device’s interface, potentially compromising network security.