Cisco has assigned this vulnerability a Common Vulnerability Scoring System (CVSS) base score of 7.8. Further information about CVSS can be found here: http://nvd.nist.gov. Cisco has released software updates for this vulnerability. However, protection against exploitation of these vulnerabilities is not offered by default. To be protected, you must configure your devices as per the recommendations documented in Cisco’s security advisory. Cisco recommends that devices running FTD software version 5.0.0.13 or an earlier version be updated to version 5.0.0.14 or later. In addition, Cisco recommends that you closely monitor any traffic traversing the affected device and take appropriate action to mitigate the risk of exploitation. Cisco recommends using Cisco firewalls and IPS to block TCP traffic to the affected device on all interfaces, and monitoring traffic to ensure that the device is not being exploited. Cisco also recommends using Cisco firewalls and NGFW to prevent malicious traffic on the affected device. Cisco has also provided guidance on how to close possible security holes in your network to prevent exploitation of these vulnerabilities.

What are the Cisco IOS XE Software Vulnerabilities?

Cisco IOS XE Software versions prior to version 3.3.0.3 are vulnerable to a remote code execution vulnerability that can be exploited without authentication and without end-user interaction, aka “CVE-2022-20746”. Cisco has assigned this vulnerability a Common Vulnerability Scoring System (CVSS) base score of 7.8. Further information about CVSS can be found here: http://nvd.nist.gov.
Cisco has released software updates for these vulnerabilities; however, protection against exploitation of these vulnerabilities is not offered by default. To be protected, you must configure your devices as per the recommendations documented in Cisco’s security advisory.
Cisco recommends that devices running FTD software version 5.0.0.13 or earlier versions be updated to version 5.0.0.14 or later; in addition, Cisco recommends that you closely monitor any traffic traversing the affected device and take appropriate action on it if you believe it may have been exploited.

Cisco Firewall Tips

Cisco firewalls, such as the Cisco Catalyst 6500 Series Switches and Cisco ASA firewalls, are a good way to prevent exploitation of these vulnerabilities.

Cisco has provided a remediation matrix for this vulnerability

Cisco has provided a remediation matrix for this vulnerability. It is important that you use Cisco’s recommendations to protect yourself from exploitation of these vulnerabilities.

Timeline

Published on: 05/03/2022 04:15:00 UTC
Last modified on: 05/13/2022 02:00:00 UTC
