CVE-2022-20700
Published: 10 February 2022
Summary
CVE-2022-20700 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Cisco RV340 firmware. Its CVSS base score is 10.0 (Critical).
Operationally, it ranks in the top 3.4% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SC-7 (Boundary Protection).
Deeper analysis
Multiple vulnerabilities affect Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers and are tracked under CVE-2022-20700. The issues include stack-based buffer overflows and out-of-bounds writes that can be triggered over the network, leading to outcomes such as arbitrary code execution, privilege escalation, command execution, authentication bypass, execution of unsigned software, and denial of service. The vulnerabilities carry a maximum CVSS score of 10.0.
An unauthenticated remote attacker can exploit the flaws by sending specially crafted network requests to affected devices, achieving any of the impacts listed above without requiring user interaction or prior credentials.
The Cisco Security Advisory recommends applying the vendor-supplied firmware updates for each affected router model and following the configuration hardening steps outlined in the advisory. The entry also appears in the CISA Known Exploited Vulnerabilities catalog, confirming observed in-the-wild exploitation.
EPSS scores for this CVE rose from a low baseline to a peak of 0.3221, indicating that exploitation interest increased after public disclosure and that the issue merits renewed attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-25950
Vulnerability details
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following:
- Execute arbitrary code
- Elevate privileges
- Execute arbitrary commands
- Bypass authentication and authorization protections
- Fetch and run unsigned software
- Cause denial of service (DoS)
For more information about these vulnerabilities, see the Details section of this advisory.
- CWE(s)
- KEV Date Added: 03 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires applying vendor patches to remediate the stack-based buffer overflows and out-of-bounds write flaws in the RV-series router firmware.
Enforces input validation that would have blocked the malformed network requests triggering arbitrary code execution and DoS in these devices.
Restricts network-accessible management interfaces on the routers, reducing the unauthenticated remote attack surface exploited by CVE-2022-20700.