CVE-2022-20705 Small Business RV160, RV260, RV340, and RV345 routers could be exploited by an attacker to execute arbitrary code, elevate privileges, or bypass authentication and authorization.

CVE-2022-20705 Small Business RV160, RV260, RV340, and RV345 routers could be exploited by an attacker to execute arbitrary code, elevate privileges, or bypass authentication and authorization.

Cisco Small Business RV Series Routers running Cisco IOS Software could allow an attacker to exploit multiple vulnerabilities to execute arbitrary code, elevate privileges, bypass authentication and authorization, and cause a denial of service (DoS) to the device. Cisco has released software updates that address these vulnerabilities. There are no workarounds. However, you can mitigate these vulnerabilities by configuring basic security best practices, such as anti-virus, firewall, and intrusion detection/prevention measures. Details - Cisco Small Business RV Series Routers running Cisco IOS Software could allow an attacker to exploit multiple vulnerabilities to execute arbitrary code, elevate privileges, bypass authentication and authorization, and cause a denial of service (DoS) to the device. Cisco has released software updates that address these vulnerabilities. There are no workarounds. However, you can mitigate these vulnerabilities by configuring basic security best practices, such as anti-virus, firewall, and intrusion detection/prevention measures. - Multiple Cisco Small Business RV Series Routers running Cisco IOS Software could be exploited due to multiple vulnerabilities. Cisco has released software updates that address these vulnerabilities. There are no workarounds. However, you can mitigate these vulnerabilities by configuring basic security best practices, such as anti-virus, firewall, and intrusion detection/prevention measures

Summary

Cisco Small Business RV Series Routers running Cisco IOS Software could allow an attacker to exploit multiple vulnerabilities to execute arbitrary code, elevate privileges, bypass authentication and authorization, and cause a denial of service (DoS) to the device. Cisco has released software updates that address these vulnerabilities. There are no workarounds. However, you can mitigate these vulnerabilities by configuring basic security best practices, such as anti-virus, firewall, and intrusion detection/prevention measures
The following products have been released by Cisco to address CVE-2022-20705:
IOS ---------------
CSCvc23686 - This vulnerability is fixed in IOS Software Releases 12.4(33)S2 and 15.0M3a
IOS XE ---------------
CSCve87479 - This vulnerability is fixed in IOS Software Releases 16.1SE7a, 16.2SE7cDRE1a, 16.2SR5b

Multiple Cisco Small Business RV Series Routers running Cisco IOS Software could be exploited due to multiple vulnerabilities. Cisco has released software updates that address these vulnerabilities. There are no workarounds. However, you can mitigate these vulnerabilities by configuring basic security best practices, such as anti-virus, firewall, and intrusion detection/prevention measures

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe