Cisco patched a critical vulnerability in its enterprise WAN software that could allow an unauthenticated, remote attacker to log in with administrator privileges.

The security flaw, CVE-2020-3446, is in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images software. Cisco ranked the bug critical, and it earned a CVSS score of 9.8 out of 10. However, Cisco says it’s not aware of any instances where the WAN software bug has been exploited for malicious use.

The vWAAS is a virtual appliance that manages business applications running on private cloud infrastructure. Cisco says it enables customers to “rapidly create WAN optimization services with minimal network configuration or disruption.”

The vulnerability exists because the software has user accounts with default passwords. An attacker with access to the NFVIS command line interface of an affected device could exploit the flaw by logging into the command line interface with administrator privileges.

Cisco says it affects ENCS 5400-W Series and CSP 5000-W Series appliances if they are running Cisco vWAAS with NFVIS-bundled image releases 6.4.5, or 6.4.3d and earlier. It does not affect standalone NFVIS running on Cisco ENCS 5000 Series and Cisco CSP 5000 Series devices, and it does not affect standalone vWAAS software or WAAS software running on Cisco Wide Area Virtualization Engine (WAVE) appliances.

The networking vendor patched the critical WAN software bug on Wednesday, along with two high-severity flaws and a whopping 21 medium-severity vulnerabilities.

One of the two high-severity flaws, CVE-2020-3443 in Cisco Smart Software Manager On-Prem, could allow an authenticated, remote attacker to escalate privileges and then perform actions associated with a higher privilege role. So, for example, if that role is an administrative role, the attacker would gain full access to the device.

This vulnerability received a CVSS score of 8.8.

And the second high-severity flaw, CVE-2020-3506, includes multiple vulnerabilities in in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras. It could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP camera. This one also received a CVSS score of 8.8.

If exploited, an attacker could execute code on the affected IP camera or cause it to reload unexpectedly, thus resulting in denial of service.