Cisco released security updates to mitigate a vulnerability in IOS XE SD-WAN solution software.
As per Cisco Security Advisories “An attacker could exploit this vulnerability to take control of an affected device”
Cisco has categorized High impact; hence it is advisable to review the Bug ID: CSCvs75505 and apply the required updates.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwcinj-AcQ5MxCn
Sources:
The source of the bug reporting has credited to Julien Legras and Thomas Etrillard.
There are some interesting exploit examples, Please go through the exploit section.
https://www.synacktiv.com/category/exploit.html
https://www.synacktiv.com/posts/pentest/pentesting-cisco-sd-wan-part-1-attacking-vmanage.html
