CVE-2022-20827
Published: 10 August 2022
Summary
CVE-2022-20827 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Cisco RV160 Firmware. Its CVSS base score is 9.0 (Critical).
Operationally, it is ranked in the top 11.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Multiple vulnerabilities affect the Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers and are tracked under CVE-2022-20827. The issues, which map to CWE-120 and CWE-78, carry a CVSS 3.1 score of 9.0 and could permit an unauthenticated remote attacker to execute arbitrary code or trigger a denial-of-service condition on an affected device.
An attacker with no credentials and only network access can exploit the flaws, potentially gaining full control of the router or rendering it unavailable. The attack vector is rated as network-reachable with high complexity, yet successful exploitation would impact confidentiality, integrity, and availability across a security-context boundary.
The official Cisco Security Advisory at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR supplies additional technical detail and recommended actions for the affected router series.
EPSS scores have remained low, reaching a peak of only 0.0584 well after disclosure before receding to the current value of 0.0374.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-26077
Vulnerability details
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.
- Validates inputs to block special elements that would alter OS command execution.