Vulnerability Found in VMware NSX SD-WAN

In sports, strategy evolves over time. Let’s take the NFL for example, just a decade or so ago, ground and pound was a popular offensive strategy – when paired with a strong defense that is. Over time, the NFL has shifted to a more pass-first model to be more effective against the types of defenses run. The enterprise does a similar dance with its security protocols. Hackers have a tendency of staying one step ahead in this cat and mouse game, making it critical for IT departments to stay in tune with the WAN, and ready to make the necessary halftime adjustments.

Cybersecurity solution provider Critical Start’s Section 8 Penetration Team revealed security vulnerability in VMware NSX SD-WAN environments by VeloCloud. The security flaw leaves network firewalls, routers and switches open to unwanted access.  

"As networking equipment has increasingly become virtualized and software-defined, it has opened up new attack vectors for criminals and hackers to try and access the systems, data and assets of business of all sizes," noted Rob Davis, CEO at Critical Start. "A key part of our security services, the Section 8 PenTest team continues to identify new vulnerabilities and inform vendors of the discoveries so quick action can be taken to resolve the findings. We feel strongly that security is a team effort that requires the diligent efforts of many organizations and individuals working together across the industry."

Once Critical Start discovered the unauthenticated command injection vulnerability it notified VMwares Security Response team. Once a patch was released, VMware publicly shared information on the security threat.

Staying one step ahead is crucial to securing the WAN, this means being proactive about ensuring the proper SD-WAN solutions are in place and keeping a tireless eye on operations.

What’s in your WAN?