SD-WAN Multiple Security Updates

Yesterday (Oct, 22 2018), Citrix released CTX236992 which describes multiple security vulnerabilites with Citrix SD-WAN. Those may allow an attacker to get access to the SD-WAN appliance’s management interface.

The according CVEs are:

The vulnerabilities are fixed with SD-WAN firmware versions 9.3.6, 10.0.4 and 10.1.1 – the latter isn’t released yet.

SD-WAN WANOP edition (fka Branch Repeater / CloudBridge) is NOT affected by the vulnerabilities mentioned above.

Leave a Reply