Sunday, October 13, 2024

Critical Flaws Discovered in Cisco Small Business RV Series Routers

Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept (PoC) exploit code targeting some of these bugs.

Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest CVSS rating of 10.0, and affect its Small Business RV160, RV260, RV340, and RV345 Series routers.

Additionally, the flaws could be exploited to bypass authentication and authorization protections, retrieve and run unsigned software, and even cause denial-of-service (DoS) conditions.

The networking equipment maker acknowledged that it’s “aware that proof-of-concept exploit code is available for several of the vulnerabilities” but didn’t share any further specifics on the nature of the exploit or the identity of the threat actors that may be exploiting them.

CVE-2022-20699 concerns a case of remote code execution that could be exploited by an attacker by sending specially crafted HTTP requests to a device that functions as an SSL VPN Gateway, effectively leading to the execution of malicious code with root privileges.

CVE-2022-20700, CVE-2022-20701 (CVSS score: 9.0), and CVE-2022-20702 (CVSS score: 6.0), which the company said stems from an insufficient authorization enforcement mechanism, could be abused to elevate privileges to root and execute arbitrary commands on the affected system.

CVE-2022-20708, the third flaw to receive a 10.0 score on the CVSS scale, is due to insufficient validation of user-supplied input, enabling the adversary to inject malicious commands and get them on the underlying Linux operating system.

Recommended:  DISMANTLED: Russian 'RSocks botnet' down after hacking millions of devices

Other flaws fixed by Cisco are as follows:

  • CVE-2022-20703 (CVSS score: 9.3) – Cisco Small Business RV Series Routers Digital Signature Verification Bypass Vulnerability
  • CVE-2022-20704 (CVSS score: 4.8) – Cisco Small Business RV Series Routers SSL Certificate Validation Vulnerability
  • CVE-2022-20705 (CVSS score: 5.3) – Cisco Small Business RV Series Routers Improper Session Management Vulnerability
  • CVE-2022-20706 (CVSS score: 8.3) – Cisco RV Series Routers Open Plug and Play Command Injection Vulnerability
  • CVE-2022-20707 and CVE-2022-20749 (CVSS scores: 7.3) – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Command Injection Vulnerabilities
  • CVE-2022-20709 (CVSS score: 5.3) – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability
  • CVE-2022-20710 (CVSS score: 5.3) – Cisco Small Business RV Series Routers GUI Denial of Service Vulnerability
  • CVE-2022-20711 (CVSS score: 8.2) – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Overwrite Vulnerability
  • CVE-2022-20712 (CVSS score: 7.3) – Cisco Small Business RV Series Routers Upload Module Remote Code Execution Vulnerability

Cisco also stressed that there are no workarounds that address these aforementioned weaknesses, urging customers to update to the latest version of the software as soon as possible to counter any potential attacks.

You may also enjoy reading, The largest DDoS to date, Microsoft mitigates a 3.47 Tbps DDoS attack

Got to Cybersecurity News

Go to Homepage

Go to Cybersecurity Academy

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Recommended:  UK: Foreign Office tells Britons in Ukraine to leave country now
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security