CVE-2022-20923 / CVE-2022-20863: Cisco Small Business Routers & Webex App Flaws
Cisco on Wednesday informed customers that security updates are available for several of the company’s products, including SD-WAN, Webex, and Small Business routers.
Only one vulnerability has been classified by the networking giant as “medium” severity. Tracked as CVE-2022-20923, the flaw affects the Cisco Small Business RV110W, RV130, RV130W, and RV215W routers, and it can be exploited by a remote, unauthenticated attacker to bypass authentication controls and access the IPSec VPN network.
“This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to the VPN from an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and access the IPSec VPN network. The attacker may obtain privileges that are the same level as an administrative user, depending on the crafted credentials that are used,” read the Cisco advisory.
The CVE-2022-20923 bug is caused by an improper implementation of the password validation algorithm. By using specially crafted credentials, an attacker could exploit this vulnerability to bypass authentication and access the IPSec VPN network.
According to an end-of-sale announcement on Cisco’s website, the last day these RV Series routers were available for order was December 2, 2019. Cisco writes: “Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.”
A second flaw, also classified as “medium severity” based on its CVSS score, has been addressed by Cisco in the Webex App. Tracked as CVE-2022-20863, the bug could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. By sending specially crafted messages within the application interface, an attacker could exploit this vulnerability to modify how links or other content are displayed within the interface.
The security hole affects Cisco Webex App releases earlier than 42.7.
| Cisco Webex App Release | First Fixed Release |
|---|---|
| Earlier than 42.7 | Migrate to a fixed release. |
| 42.7 | Not affected. |
| 42.8 | Not affected. |
Cisco says there is no indication that any of the flaws patched this week have been exploited for malicious purposes.