Cisco has expanded a maximum-severity security advisory to include an additional SD-WAN device affected by a critical vulnerability. The flaw carries the highest possible CVSS score, meaning it could allow an attacker to fully compromise affected devices without authentication. Organisations that applied patches at the time of the original advisory may still need to review logs for signs of prior exploitation.

Security Architect’s Take: If you operate Cisco SD-WAN infrastructure, verify the updated advisory to confirm whether the newly added device is in your estate, and conduct a thorough review of device logs and NetFlow data for indicators of compromise — even if you patched promptly after the original disclosure.

Original advisory: Cisco adds another SD-WAN box to max-severity bug advisory