Rewterz Threat Advisory – CVE-2022-20863 – Cisco Webex App Vulnerability
September 8, 2022Rewterz Threat Advisory – CVE-2022-3071 – Google ChromeOS Ash Vulnerability
September 8, 2022Rewterz Threat Advisory – CVE-2022-20863 – Cisco Webex App Vulnerability
September 8, 2022Rewterz Threat Advisory – CVE-2022-3071 – Google ChromeOS Ash Vulnerability
September 8, 2022Severity
Medium
Analysis Summary
CVE-2022-20923
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow a remote attacker to bypass security restrictions, caused by improper implementation of the password validation algorithm. By using specially-crafted credentials, an attacker could exploit this vulnerability to bypass authentication and access the IPSec VPN network.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-20923
Affected Vendors
Cisco
Affected Products
- Cisco RV110W Wireless-N VPN Firewall
- Cisco RV130W Wireless-N Multifunction VPN Router
- Cisco RV215W Wireless-N VPN Router
- Cisco RV130 VPN Router
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.