Citrix SD-WAN Multiple High-Risk Vulnerability Alert
On November 10, 2020, Citrix released a Citrix SD-WAN Center security update warning of multiple vulnerabilities, tracked as CVE-2020-8271, CVE-2020-8272, and CVE-2020-8273. Proof-of-concept (PoC) exploit code for CVE-2020-8271 has been made public.
Vulnerability Details
CVE | Description | Vulnerability Type | Pre-conditions |
CVE-2020-8271 | Unauthenticated remote code execution with root privileges | CWE-23: Path Traversal | An attacker must be able to communicate with SD-WAN Center’s Management IP/FQDN |
CVE-2020-8272 | Authentication Bypass resulting in exposure of SD-WAN functionality | CWE-287: Improper Authentication | An attacker must be able to communicate with SD-WAN Center’s Management IP/FQDN |
CVE-2020-8273 | Privilege escalation of an authenticated user to root | CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) | The attacker must be an authenticated user on SD-WAN Center |
Affected versions
- Citrix SD-WAN 11.2 before 11.2.2
- Citrix SD-WAN 11.1 before 11.1.2b
- Citrix SD-WAN 10.2 before 10.2.8
Unaffected versions
- Citrix SD-WAN 11.2.2 and later versions of Citrix SD-WAN 11.2
- Citrix SD-WAN 11.1.2b and later versions of Citrix SD-WAN 11.1
- Citrix SD-WAN 10.2.8 and later versions of Citrix SD-WAN 10.2
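To triage an inventory against the affected and unaffected version lists above, the following added example (not part of the original advisory or any Citrix tooling) classifies reported version strings per branch. It assumes versions are shaped like `major.minor.patch` with an optional letter suffix, that a bare release such as `11.1.2` precedes `11.1.2b`, and that any trailing build number can be ignored; the hostnames are constructed.

```python
import re

# Fixed release per branch, taken from the advisory's version lists.
FIXED = {"11.2": "11.2.2", "11.1": "11.1.2b", "10.2": "10.2.8"}

# Assumed shape: major.minor.patch plus optional letter suffix ("11.1.2b").
# Anything after that (for example a build number) is ignored.
_VERSION = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)([a-z]?)")

# Constructed sample inventory: hostname -> version reported by the appliance.
SAMPLE_INVENTORY = {
    "sdwan-center-01.example.internal": "11.1.2",
    "sdwan-center-02.example.internal": "11.1.2b",
    "sdwan-center-03.example.internal": "11.2.2.14",
    "sdwan-center-04.example.internal": "10.2.7",
    "sdwan-center-05.example.internal": "11.0.3",
}


def parse(version):
    """Split a version string into (major, minor, patch, suffix)."""
    m = _VERSION.match(version.lower())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch, suffix = m.groups()
    return int(major), int(minor), int(patch), suffix


def classify(version):
    """Return 'affected', 'fixed', or 'unlisted' for a reported version."""
    major, minor, patch, suffix = parse(version)
    fixed = FIXED.get(f"{major}.{minor}")
    if fixed is None:
        # Branch is not named in the advisory: do not treat it as safe,
        # confirm its status with the vendor bulletin.
        return "unlisted"
    _, _, fixed_patch, fixed_suffix = parse(fixed)
    # Tuple comparison: patch number first, then suffix ("" sorts before "b").
    return "affected" if (patch, suffix) < (fixed_patch, fixed_suffix) else "fixed"


def triage(inventory):
    """Classify every host in an inventory mapping of hostname -> version."""
    return {host: classify(version) for host, version in inventory.items()}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unlisted` run a branch the advisory does not mention and need a separate check rather than being assumed safe.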
Solution
We recommend that users upgrade Citrix SD-WAN to the latest version promptly.