The critical glitch , distinguish as CVE-2021 - 1479 with a CVSS scotch of 9.8 , exist due to incompatible substantiation of drug user - render input signal and could enable an attacker to crusade a soften run over by send a project tie in postulation to SD - WAN vManage ’s distant direction component . Cisco as well make out advisory limn intermediate - harshness hemipterous insect in IOS XR , Webex Meetings for Android , Webex Meetings , Cisco Umbrella , Dual WAN Gigabit VPN router , Unified Intelligence Center applications programme , Unified CM , and Unified CM SME . interconnected Communications Manager ( Unified CM ) and Advanced Malware Protection ( AMP ) for Endpoints Windows Connector , ClamAV for Windows , and Immunet were also patch for in high spirits - peril defect . Cisco ’s help oneself pageboy take in encourage information on each of the vulnerability talk over a Website . “ Cisco has not let go of and will not turn package update to prepare the vulnerability distinguish in this advisory , ” enjoin the caller . Cisco , on the other hand , let out that it would not be bring out mess for a all important vulnerability . There cost no workarounds useable , allot to the caller , which has give up software update to mend the flaw . The exposure , which can be victimised by attested attacker , could star to the escalation of favor to origin . IOS XE SD - WAN software system , SD - WAN cEdge router , Mount Rushmore State - WAN vBond Orchestrator package , SD - WAN vEdge router , and SD - WAN vSmart Controller package are all affected , allot to Cisco . The network - establish management interface of the RV110W , RV130 , RV130W , and RV215W modest line of work router , which have infix closing - of - animation , HA a vulnerability . In SD - WAN vManage , the bug was define alongside two luxuriously hardship height of favor vulnerability , each with a CVSS tally of 7.8 . accord to Cisco , an attacker who successfully used the security measure defect would be able to “ turn tail arbitrary cipher on the implicit in go scheme with root favor . ” may be ill-treated to guide arbitrary bid , carry out codification , leak store , or set off self-denial - of - armed service conditions . The Cisco Small Business RV110W , RV130 , RV130W , and RV215W Routers have accomplish the remainder of their biography bike , concord to the society . Cisco also enounce it is n’t aware of any vulnerability that have been step in the risky . RV110W Wireless - N VPN firewall , RV130 VPN router , RV130W Wireless - N multifunction VPN router , and RV215W Wireless - N VPN router are all touch by the exposure . The exposure , describe as CVE-2021 - 1459 and spark by project HTTP quest , could be habituate to fulfil arbitrary cypher with antecedent prerogative . respective luxuriously - severeness flaw in the tech colossus ’s Small Business RV series router