Cisco has assigned a Common Vulnerability Scoring System (CVSS) base score of 5.4 to this issue.

Cisco has assigned a severity rating of High to these issues.

Cisco has assigned a version number to this advisory of CVSS-3.0: CRITICAL. These issues could allow an attacker to gain elevated privileges on the affected device. Cisco recommends upgrading to the most current versions of Cisco SD-WAN Software immediately. All of the vulnerabilities described in this advisory have been assigned the following CVSS v3 metrics: Access Vector Access Complexity Authentication Confidentiality Impact Complete Confidentiality Impact. Cisco has released software updates. Cisco recommends that users discontinue use of Cisco SD-WAN Software and Cisco ASA Software versions prior to 12.0.4.0.

Vulnerable Software Versions and Fixes

The following software versions are vulnerable to CVE-2022-20775:
Software Version    Software Version with Fix
12.0.4.0            12.0.4.0 with fix
11.3.1              11.3.1 with fix
10.5                10.5 with fix

Mitigation

Cisco SD-WAN Software 12.0.4.0 patch is available for download now so you can mitigate this vulnerability before it is exploited.
Cisco ASA Software 11.6 release is available for download now to fix this vulnerability.

What is Cisco SD-WAN Software?

The Cisco SD-WAN Software is a suite of applications that provide the ability to securely connect branch offices, data centers, and remote sites together. It includes the following features:
● Cisco SD-WAN Orchestrator
● Cisco SD-WAN Meraki
● Cisco SD-WAN EdgeCore
Cisco SD-WAN Software also provides security for networks, such as:
● VPN
● SSL VPN
● 802.1x
A vulnerability was discovered in the following releases of Cisco SD-WAN Software:
• 12.0(50)SE2
• 12.0(100)SE1
• 12.0(100)SE3
• 12.0(100)SE2P2
• 12.0(101)SE1P1

Affected Products

Cisco SD-WAN Software versions prior to 12.0.4.0
Cisco ASA Software versions prior to 12.0.3.8

Vulnerable Products and Versions

The following Cisco products are affected by this vulnerability:
• Cisco SD-WAN Software versions 12.0.4.0, 12.0.3.8, and 12.0.3.2
• Cisco ASA Software versions 9.6(6), 9.6(5), 9.5(9), and 9.1(7)

Timeline

Published on: 09/30/2022 19:15:00 UTC
Last modified on: 10/04/2022 19:14:00 UTC

References