CVE-2022-20700

Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.

Múltiples vulnerabilidades en los routers Cisco Small Business RV160, RV260, RV340 y RV345 Series podrían permitir a un atacante realizar cualquiera de las siguientes acciones Ejecutar código arbitrario. Elevar los privilegios. Ejecutar comandos arbitrarios. Omitir las protecciones de autenticación y autorización. Obtener y ejecutar software no firmado. Causar una denegación de servicio (DoS) Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Yes

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2021-11-02 CVE Reserved
2022-02-10 CVE Published
2022-03-03 Exploited in Wild
2022-03-17 KEV Due Date
2024-10-29 CVE Updated
2024-11-09 EPSS Updated
---------- First Exploit

CWE

CWE-121: Stack-based Buffer Overflow
CWE-787: Out-of-bounds Write

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D	2024-07-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Rv340 Firmware Search vendor "Cisco" for product "Rv340 Firmware"	<= 1.0.03.24 Search vendor "Cisco" for product "Rv340 Firmware" and version " <= 1.0.03.24"	-	Affected	in	Cisco Search vendor "Cisco"	Rv340 Search vendor "Cisco" for product "Rv340"	-	-	Safe
Cisco Search vendor "Cisco"	Rv340w Firmware Search vendor "Cisco" for product "Rv340w Firmware"	<= 1.0.03.24 Search vendor "Cisco" for product "Rv340w Firmware" and version " <= 1.0.03.24"	-	Affected	in	Cisco Search vendor "Cisco"	Rv340w Search vendor "Cisco" for product "Rv340w"	-	-	Safe
Cisco Search vendor "Cisco"	Rv345 Firmware Search vendor "Cisco" for product "Rv345 Firmware"	<= 1.0.03.24 Search vendor "Cisco" for product "Rv345 Firmware" and version " <= 1.0.03.24"	-	Affected	in	Cisco Search vendor "Cisco"	Rv345 Search vendor "Cisco" for product "Rv345"	-	-	Safe
Cisco Search vendor "Cisco"	Rv345p Firmware Search vendor "Cisco" for product "Rv345p Firmware"	<= 1.0.03.24 Search vendor "Cisco" for product "Rv345p Firmware" and version " <= 1.0.03.24"	-	Affected	in	Cisco Search vendor "Cisco"	Rv345p Search vendor "Cisco" for product "Rv345p"	-	-	Safe
Cisco Search vendor "Cisco"	Rv160 Firmware Search vendor "Cisco" for product "Rv160 Firmware"	<= 1.0.01.05 Search vendor "Cisco" for product "Rv160 Firmware" and version " <= 1.0.01.05"	-	Affected	in	Cisco Search vendor "Cisco"	Rv160 Search vendor "Cisco" for product "Rv160"	-	-	Safe
Cisco Search vendor "Cisco"	Rv160w Firmware Search vendor "Cisco" for product "Rv160w Firmware"	<= 1.0.01.05 Search vendor "Cisco" for product "Rv160w Firmware" and version " <= 1.0.01.05"	-	Affected	in	Cisco Search vendor "Cisco"	Rv160w Search vendor "Cisco" for product "Rv160w"	-	-	Safe
Cisco Search vendor "Cisco"	Rv260 Firmware Search vendor "Cisco" for product "Rv260 Firmware"	<= 1.0.01.05 Search vendor "Cisco" for product "Rv260 Firmware" and version " <= 1.0.01.05"	-	Affected	in	Cisco Search vendor "Cisco"	Rv260 Search vendor "Cisco" for product "Rv260"	-	-	Safe
Cisco Search vendor "Cisco"	Rv260p Firmware Search vendor "Cisco" for product "Rv260p Firmware"	<= 1.0.01.05 Search vendor "Cisco" for product "Rv260p Firmware" and version " <= 1.0.01.05"	-	Affected	in	Cisco Search vendor "Cisco"	Rv260p Search vendor "Cisco" for product "Rv260p"	-	-	Safe
Cisco Search vendor "Cisco"	Rv260w Firmware Search vendor "Cisco" for product "Rv260w Firmware"	<= 1.0.01.05 Search vendor "Cisco" for product "Rv260w Firmware" and version " <= 1.0.01.05"	-	Affected	in	Cisco Search vendor "Cisco"	Rv260w Search vendor "Cisco" for product "Rv260w"	-	-	Safe