CVE-2022-20773 An attacker could impersonate a Cisco VA with a static SSH host key.

To safeguard against this threat, ensure that the root login password is strong and that SSH is enabled on the Umbrella VA and that the host key is not left in the default configuration. Cisco has verified that Umbrella VAs with static host keys are vulnerable. Workarounds There are no known workarounds at this time. Fix Information To mitigate the risk of this vulnerability, ensure that the Umbrella VA has the following static host key installed: Host Key: /etc/umbrella/host-key.rsa

CVSS Vulnerability Summary

Vendor: Cisco Systems
Product: Umbrella VA
CVSSv3 Base Score: 8.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/Au:N)
CVSSv3 Temporal Score*: 6.4 (Elevation of Privilege)
Reference Link

Cisco Internetwork Operating System (IOS) Software and Services Release

Cisco has released software updates that address this vulnerability. Workarounds There are no known workarounds at this time. Fix Information To mitigate the risk of this vulnerability, ensure that the Umbrella VA has the following static host key installed: Host Key: /etc/umbrella/host-key.rsa

General Information

The CVE-2022-20773 vulnerability is a type of remote code execution flaw caused by a lack of validation on the host key when SSH is enabled. This vulnerability can be exploited by an unauthenticated, remote attacker to execute arbitrary commands with root privileges on an Umbrella VA.
This vulnerability affects Cisco Umbrella VAs that have a static host key configured in their default configuration. The following Cisco Security Advisories detail this issue:
Cisco has verified that Umbrella VAs with static host keys are vulnerable. Workarounds There are no known workarounds at this time. Fix Information To mitigate the risk of this vulnerability, ensure that the Umbrella VA has the following static host key installed: Host Key: /etc/umbrella/host-key.rsa

Network Security:

When to Change the Host Key
In order to mitigate the risk of this vulnerability, you should change the host key on the Umbrella VA. After doing so, ensure that SSH is enabled on the Umbrella VA and that root login password is strong.

Timeline

Published on: 04/21/2022 19:15:00 UTC
Last modified on: 05/04/2022 18:58:00 UTC

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uva-static-key-6RQTRs4c
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20773