How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software

The network appliances manufacturer giant Cisco published an advisory on 28 September 2022 (Updated on 29 September 2022) in which Cisco detailed about two privilege escalation vulnerabilities in Cisco SD-WAN Software. The vulnerabilities tracked as CVE-2022-20775 and CVE-2022-20818 are a High severity vulnerabilities with a CVSS score of 7.8 out of 10. The vulnerability is actually lice in the CLI of Cisco SD-WAN Software that could allow an authenticated, local attacker to gain elevated privileges on an affected system. Since this flaw allows the attacker to gain elevated privileges and run arbitrary commands as the root user which can cause potential threat to the system, it is most important to fix the CVE-2022-20775 And CVE-2022-20818 vulnerabilities. Let’s see how to fix CVE-2022-20775 And CVE-2022-20818, two privilege escalation vulnerabilities in Cisco SD-WAN Software, in this post.

A Short Note on Cisco SD-WAN Solution

Cisco SD-WAN is a software-defined wide area network (SD-WAN) solution that makes it easy to deploy and manage WAN connectivity for branch offices, cloud resources, and data centers. Cisco SD-WAN provides a single platform for all WAN connectivity needs, including point-to-point links, MPLS circuits, and Internet connections. Cisco SD-WAN offers many benefits over traditional WAN solutions, including simplified deployment and management, reduced costs, increased agility, and improved performance. Cisco SD-WAN is available as a stand-alone product or as part of the Cisco ONE Enterprise Networking bundle.

Summary of CVE-2022-20775 And CVE-2022-20818

This is an privilege escalation Vulnerability in Cisco SD-WAN Software, a solution that makes it easy to deploy and manage WAN connectivity for branch offices, cloud resources, and data centers. The flaw is due improper access controls on commands within the application CLI. This vulnerability could allow authenticated, local attacker to gain elevated privileges and run a malicious command on the application CLI on the vulnerable release which can cause attacker to execute arbitrary commands as the root user. 

Associated CVE ID CVE-2022-20775 And CVE-2022-20818
Description Two Privilege Escalation Vulnerabilities in Cisco SD-WAN
Associated ZDI ID
CVSS Score 7.8 High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV) Local
Attack Complexity (AC) Low
Privilege Required (PR) Low
User Interaction (UI) None
Scope Unchanged
Confidentiality (C) High
Integrity (I) High
availability (a) High

Cisco Products Vulnerable to CVE-2022-20775 And CVE-2022-20818

These vulnerabilities affect the below given products if they are running a vulnerable versions of Cisco SD-WAN Software:

1.      SD-WAN vEdge Routers

2.      SD-WAN vBond Orchestrator Software

3.      SD-WAN vManage Software

4.      SD-WAN vEdge Cloud Routers

5.      SD-WAN vSmart Controller Software

Note: Cisco IOS XE SD-WAN Software is the only CISCO product that is not affected by CVE-2022-20775 And CVE-2022-20818 vulnerabilities.

How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software?

There is no proper workaround addressing these vulnerabilities, but Cisco has released software updates for the products affected by the vulnerabilities. Updating the existing software releases of the products to the latest version is the best way to avoid vulnerability exploitation.

Below are the tables presenting the possible software releases that can fix CVE-2022-20775 and CVE-2022-20818 according to Cisco Product Security Incident Response Team (PSIRT).

CVE-2022-20775

Cisco SD-WAN Software Release First Fixed Release
20.9 Not affected
20.8 20.8.1
20.7 20.7.2
20.6 20.6.3
20.3 Moved to a fixed release
19.2 Moved to a fixed release
18.4 and previous versions Moved to a fixed release

CVE-2022-20818

Cisco SD-WAN Software Release First Fixed Release
20.9 Not affected
20.8 Moved to a fixed release
20.7 Moved to a fixed release
20.6 Moved to a fixed release
20.3 Moved to a fixed release
19.2 Moved to a fixed release
18.4 and previous versions Moved to a fixed release

How to Upgrade the Cisco SD-WAN vEdge, vBond, and vSmart Softeare?

Follow this simple procedure to upgrade the Cisco SD-WAN vBond, and vSmart Softeare.

Source: SivakumarNetLabs

How to Upgrade the Cisco SD-WAN vManage Software?

Follow this simple procedure to upgrade the Cisco SD-WAN vManage Software.

Source: SivakumarNetLabs

Time needed: 30 minutes.

How to Upgrade the vManage Software in Cisco SD-WAN?

  1. Browse Cisco Software Download Center.

    Cisco is serving a dedicated upgrade images for Cisco SD-WAN vManage Software on its Software Download Center: https://software.cisco.com/download/home/286320995/typeCisco Software Download Center

  2. Download the upgrade image from the Cisco Software Download Center.

    Click on ‘SD-WAN Software Update’ to and select the latest version available to download. In this case we have selected v20.3.1(ED). Download both the files if needed.Downloading the upgrade image from the Cisco Software Download Center

  3. Add the Upgrade image to the Cisco vManage Software.

    To upload the image to the Software Repository, Go to Maintenance -> Software Repository in the Cisco vManage console. Click the ‘Add new Software‘ dropdown and select ‘vManage‘ option.

    Browse the image and upload the downloaded upgrade image to the Software Repository.

    Note: Upload the vmanage-20.9.1-x86_64.tar.gz before uploading the viptela-20.9.1-x86_64.tar.gz.Adding the Upgrade image to the Cisco vManage Software

  4. Apply the upgrade image.

    To apply the image, again go to Maintenance -> Software Upgrade. You will see three options, WAN Edge, Controller, and vManage. Select the vManage option. Click on the ‘Upgrade‘ then choose the version from the dropdown then click on the ‘Upgrade’ button.

    The upgradation process will take few minutes to complete.Applying the upgrade image.

  5. Activate the upgrade package.

    The activation procedure is very simple and straight. Go to Maintenance -> Software Upgrade. Select the vManage option. Click on ‘Activate‘. then choose the version from the dropdown then click on the ‘Activate‘ button. SD-WAN appliance will reboot by itself as part of the activation process. That’s it. This is how you should upgrade the vManage Software on Cisco SD-WAN.Activating the upgrade package.

  6. Verify the vManage version on Cisco SD-WAN.

    Issue this command on CLI to see the version of vManage. Alternatively, you can go to Help -> About to see the version info on the GUI console.

    # sh soft

Cisco Software Checker Utility

Cisco has published Cisco Software Checker service to search for Cisco Security Advisories for specific Cisco IOS, IOS XE, NX-OS, and NX-OS in ACI Mode software releases. We recommend to use this awesome tool from Cisco to ensure no advisories are skipped to action against the discovered known vulnerabilities.

How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software
Cisco Software Checker Utility

We hope this post will help you know how to fix CVE-2022-20775 and CVE-2022-20818, two privilege escalation vulnerabilities in Cisco SD-WAN Software. Please share this post if you find this interested. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/290640.html

(0)
上一篇 2022年10月20日
下一篇 2022年10月21日

相关推荐

发表回复

登录后才能评论