Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software. The vulnerabilities were found by Cisco security researchers during internal security testing of affected products. The company also patched multiple pre-authentication vulnerabilities with public exploits in the Cisco Security Manager exposing affected devices to remotecode execution attacks in November. These vulnerabilities are not dependent on one another and are not required to exploit one of the other to exploit the other.
Source: https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-bugs-in-sd-wan-cloud-license-manager/