Rewterz Threat Advisory – CVE-2021-4160 – OpenSSL weak security Vulnerability
January 31, 2022Rewterz Threat Alert – Lazarus APT Group – Active IOCs
January 31, 2022Severity
High
Analysis Summary
CVE-2022-20685
Multiple Cisco Products Snort Modbus are vulnerable to a denial of service, caused by an integer overflow while processing Modbus traffic. By sending specially-crafted Modbus traffic, a remote attacker could exploit this vulnerability to cause the Snort process to hang.
Impact
- Denial of Service
Affected Vendors
Cisco
Affected Products
- Cisco Integrated Services Virtual Router (ISRv)
- Cisco 1000 Series Integrated Services Routers (ISRs)
- Cisco 4000 Series Integrated Services Routers (ISRs)
- Cisco Catalyst 8000V Edge Software
- Cisco Catalyst 8200 Series Edge Platforms
- Cisco Catalyst 8300 Series Edge Platforms
- Cisco Cloud Services Routers 1000V Series
- Cisco Catalyst 8500 Series Edge Platforms
- Cisco Catalyst 8500L Series Edge Platforms
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.