Cisco SD-WAN Software Privilege Escalation Vulnerabilities – CVE-2022-20775, CVE-2022-20818
Alert Severity: High
Issue Date: 2022-09-29
CVE(s): CVE-2022-20775, CVE-2022-20818
Impacted Products and Versions:
- SD-WAN vBond Orchestrator Software
- SD-WAN vEdge Cloud Routers
- SD-WAN vEdge Routers
- SD-WAN vManage Software
- SD-WAN vSmart Controller Software
Description:
Multiple vulnerabilities were found in the CLI of Cisco SD-WAN Software. These vulnerabilities could allow an authenticated, local attacker to gain elevated privileges.
An attacker can exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit can allow the attacker to execute arbitrary commands as the root user.
These vulnerabilities are due to improper access controls on commands within the application CLI.
Mitigation:
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. The tables below list the vulnerable releases and the first fixed release available for each CVE.
CVE-2022-20775
| Cisco SD-WAN Software Release | First Fixed Release |
| --- | --- |
| 18.4 and earlier | Migrate to a fixed release. |
| 19.2 | Migrate to a fixed release. |
| 20.3 | Migrate to a fixed release. |
| 20.6 | 20.6.3 |
| 20.7 | 20.7.2 |
| 20.8 | 20.8.1 |
| 20.9 | Not affected. |
CVE-2022-20818
| Cisco SD-WAN Software Release | First Fixed Release |
| --- | --- |
| 18.4 and earlier | Migrate to a fixed release. |
| 19.2 | Migrate to a fixed release. |
| 20.3 | Migrate to a fixed release. |
| 20.6 | Migrate to a fixed release. |
| 20.7 | Migrate to a fixed release. |
| 20.8 | Migrate to a fixed release. |
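
An added example, not part of the Cisco advisory: a Python check that applies the two tables above to a device inventory and lists the hosts that still need action. The hostnames and versions in the sample inventory are constructed, and release trains that do not appear in a table are reported as unknown rather than guessed.

```python
"""Check SD-WAN releases against the fixed-release tables on this page."""
MIGRATE, NOT_AFFECTED, UNLISTED = "migrate", "not_affected", "unlisted"

# Transcribed from the two tables above: release train -> first fixed release.
FIXED = {
    "CVE-2022-20775": {"19.2": MIGRATE, "20.3": MIGRATE, "20.6": "20.6.3",
                       "20.7": "20.7.2", "20.8": "20.8.1", "20.9": NOT_AFFECTED},
    "CVE-2022-20818": {"19.2": MIGRATE, "20.3": MIGRATE, "20.6": MIGRATE,
                       "20.7": MIGRATE, "20.8": MIGRATE},
}

def parse(version):
    """'20.6.3.1' -> (20, 6, 3, 1); raises ValueError on malformed input."""
    parts = tuple(int(p) for p in version.strip().split("."))
    if len(parts) < 2:
        raise ValueError("need at least major.minor: %r" % version)
    return parts

def assess(cve, version):
    """Return (status, action) for one CVE and one installed release."""
    v = parse(version)
    if v[:2] <= (18, 4):                      # the "18.4 and earlier" row
        return ("vulnerable", "migrate to a fixed release")
    entry = FIXED[cve].get("%d.%d" % v[:2], UNLISTED)
    if entry == UNLISTED:                     # train absent from the table
        return ("unknown", "train not listed; consult the vendor advisory")
    if entry == NOT_AFFECTED:
        return ("not_affected", "")
    if entry == MIGRATE:
        return ("vulnerable", "migrate to a fixed release")
    if v >= parse(entry):                     # at or past the first fixed release
        return ("fixed", "")
    return ("vulnerable", "upgrade to %s or later" % entry)

def audit(inventory):
    """inventory: {hostname: version}. Returns rows that need attention."""
    rows = []
    for host, version in sorted(inventory.items()):
        for cve in sorted(FIXED):
            status, action = assess(cve, version)
            if status in ("vulnerable", "unknown"):
                rows.append((host, version, cve, status, action))
    return rows

if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames and versions).
    sample = {"vmanage-01": "20.6.2", "vsmart-01": "20.7.2", "vedge-07": "18.4.5"}
    for row in audit(sample):
        print("%-11s %-8s %-15s %-10s %s" % row)
```

A device counts as remediated only when both CVEs come back as fixed or not affected, since the two tables list different fixed releases for the same train.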