This vulnerability has been assigned the Common Vulnerability Scoring System (CVSS) rating of 10.0. A patch is currently available. Cisco products do not support external devices. Cisco recommends that vendors of devices that are integrated with the company’s products upgrade the devices to provide a more secure architecture. Cisco is in the process of working with the vendor to provide a more comprehensive fix. Cisco offers comprehensive guidance to its customers on how to protect against this threat, and recommends that customers follow the guidance as some of the countermeasures take time to implement. Cisco continues to monitor this situation and will release additional guidance and information as it becomes available. Cisco is aware of a circuit management system (CMS) vulnerability that allows authenticated attackers to execute arbitrary code on the device with root privileges. This vulnerability has been assigned the Common Vreshold of Vulnerability (CoV) of 10.0. A patch is currently available. Cisco products do not support external devices. Cisco recommends that vendors of devices that are integrated with the company’s products upgrade the devices to provide a more secure architecture. Cisco is in the process of working with the vendor to provide a more comprehensive fix
Cisco Product Interaction Table Product
Platform
CVSS
Misc.
SV-2022-36038
Timeline
Published on: 09/06/2022 19:15:00 UTC
Last modified on: 09/09/2022 19:27:00 UTC