Cisco warns of critical vulnerabilities in routers

Cisco this week urged customers to patch three vulnerabilities discovered in a handful of its routers.

The company said the vulnerabilities — which could affect Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers — could allow an unauthenticated remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.

The Cybersecurity and Infrastructure Security Agency (CISA) released its own warning about the vulnerabilities on Thursday, writing that they could allow someone to take control of an affected system.

Two of the bugs — labeled CVE-2022-20827 and CVE-2022-20841 — affect nine router models, while CVE-2022-20842 affects four.

Cisco said the vulnerabilities are dependent on one another because exploitation of one may be needed to take advantage of the others. 

“In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities,” Cisco explained. 

CVE-2022-20842 and CVE-2022-20827 are rated “critical” and carry vulnerability scores (CVSS) of 9.8 and 9, respectively. CVE-2022-20841 is rated “high” and has a CVSS of 8.3.

There are no workarounds for the vulnerabilities, and CIsco’s security team said it is not aware of their malicious use.

Chris Clements, VP of solutions architecture at Cerberus Sentinel, told The Record that the worst of the issues that can be exploited by a remote unauthenticated attacker appear to target Cisco devices’ web management interface.  

He said a non-exhaustive search on Shodan found more than 12,000 web management interfaces exposed to

Read more

Explore the site

More from the blog

Latest News