Security News > 2022 > February > Critical Flaws Discovered in Cisco Small Business RV Series Routers
Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept exploit code targeting some of these bugs.
Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest CVSS rating of 10.0, and affect its Small Business RV160, RV260, RV340, and RV345 Series routers.
The flaws could be exploited to bypass authentication and authorization protections, retrieve and run unsigned software, and even cause denial-of-service conditions.
The networking equipment maker acknowledged that it's "Aware that proof-of-concept exploit code is available for several of the vulnerabilities" but didn't share any further specifics on the nature of the exploit or the identity of the threat actors that may be exploiting them.
CVE-2022-20699 concerns a case of remote code execution that could be exploited by an attacker by sending specially crafted HTTP requests to a device that functions as an SSL VPN Gateway, effectively leading to the execution of malicious code with root privileges.
CVE-2022-20700, CVE-2022-20701, and CVE-2022-20702, which the company said stems from an insufficient authorization enforcement mechanism, could be abused to elevate privileges to root and execute arbitrary commands on the affected system.
News URL
https://thehackernews.com/2022/02/critical-flaws-discovered-in-cisco.html
Related news
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Juniper patches critical auth bypass in Session Smart routers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2022-20707 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.3 |
| 2022-02-10 | CVE-2022-20702 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.2 |
| 2022-02-10 | CVE-2022-20701 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.8 |
| 2022-02-10 | CVE-2022-20700 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 9.8 |
| 2022-02-10 | CVE-2022-20699 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 9.8 |