Cisco Fixes Critical Flaws in Small Business Routers

Cisco has fixed critical flaws in its small business routers, patching 14 vulnerabilities in its Small Business RV Series. These vulnerabilities allowed attackers to achieve unauthenticated remote code execution or run arbitrary commands on the underlying Linux operating system.

In its security advisory, Cisco said, “The Cisco PSIRT is aware that proof-of-concept exploit code is available for several of the vulnerabilities that are described in this advisory.” These proofs of concept have not been made public; the vulnerabilities were exploited by researchers on the Cisco RV340 router at the Pwn2Own hacking contest held in Austin, Texas, in November 2021.

Vulnerabilities in Cisco RV340 router
Cisco Small Business RV160, RV260, RV340, and RV345 Series routers are affected by these vulnerabilities. They have been assigned CVE numbers CVE-2022-20699 through CVE-2022-20712, with the last one being CVE-2022-20749.

How can attackers exploit these vulnerabilities?
Attackers who exploit the vulnerabilities can do any of the following:

  1. Achieve RCE
  2. Elevate their privileges to root and execute commands
  3. Install and boot a malicious software image or execute unsigned binaries on an affected device
  4. View or alter information that is shared between an affected device and specific Cisco servers
  5. Defeat authentication protections and access the device's web UI
  6. Inject and execute arbitrary commands on the underlying operating system
  7. Upload arbitrary files to an affected device
  8. Cause a denial of service (DoS) condition in the login functionality of the web-based management interface
  9. Overwrite certain files on an affected device

Cisco explained, “Some of the vulnerabilities are dependent on one another. The exploitation of one of the vulnerabilities may be required to exploit another vulnerability.”

Users are advised to apply the security updates for the above-mentioned routers as soon as possible, as there is no workaround available.

Security updates for the RV340 and RV345 Series routers are currently available, while updates for the RV160 and RV260 Series are in the works and will be released later this month.
