CVE-2022-20870 An vulnerability in egress MPLS packet processing of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

Cisco has assigned this vulnerability a classification of CVSSv3 Base 10.0 – Exploitable through IPv4, with a score of 8.8. CVSS is a standard data classification tool used in computing and networking to scale attack detection and Cisco security software ratings. There are no workarounds or mitigations for this vulnerability. Cisco recommends users run all software updates to reduce the risk of exploitation. Additionally, administrators should closely monitor for signs of malicious activity when operating MPLS-enabled devices, such as increased traffic or abnormal log messages.

Workarounds There are no known workarounds for this at this time.

Exploitation and Public Announcements The Cisco PSIRT first became aware of this vulnerability in Cisco IOS XE Software when a researcher reported it via Cisco’s Responsible Disclosure Program. The researcher reported the vulnerability on August 7, 2018. Cisco released an update to Cisco IOS XE Software on August 14, 2018. The researcher reported the CVE-ID to the TippingPoint™ Sentinel project on August 14, 2018. Public announcements of this vulnerability were made via Cisco’s Common Vulnerabilities Reporting and Coordination (CVRCC) program. The Cisco PSIRT encourages users to consult the Common Vulnerabilities and Exposures (CVE) database: https://cve.mitre.org/ There are no known public exploits of this vulnerability. Cisco has a responsible disclosure policy for information about newly discovered security

Cisco Product Browsing

Capability Vulnerabilities
There are no known public exploits of this vulnerability. Cisco has a responsible disclosure policy for information about newly discovered security vulnerabilities.

Technical Description

CVE-2022-20870 is a vulnerability in the MPLS protocol stack. This allows for an unauthenticated attacker to remotely inject malicious MPLS traffic on a Cisco device configured with IPsec and MPLS, which is vulnerable to a Man in the Middle (MitM) attack.

Cisco IOS Software

Cisco IOS Software is the operating system for Cisco’s networking devices, such as routers and switches. It has a large user base with more than 12 billion devices running it worldwide, making it one of the most widely used operating systems in history.

Cisco Bug IDs

Cisco Bug IDs
CVE-2022-20870

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/13/2022 20:00:00 UTC

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20870