VMware fixed SD-WAN flaws that could allow hackers to target enterprise networks

From securityaffairs.co

VMware last week addressed six vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002, CVE-2020-4003) in its SD-WAN Orchestrator product, including some issues that can be chained by an attacker to hijack traffic or shut down an enterprise network.

The following vulnerabilities have been reported by Ariel Tempelhof of Realmode Labs, they can be chained by remote unauthenticated attackers to achieve remote code execution.

Read more…