Cisco released several patches that address security vulnerabilities in its software. The most critical, CVE-2022-20650, has a CVSS score of 8.8. It is a command injection vulnerability in the NX-API feature of Cisco NX-OS Software, caused by insufficient input validation of user-supplied data, and allows a third party to execute arbitrary commands with root privileges. Vulnerable products are:
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
There are no workarounds for this vulnerability.
Cisco also released three more updates. They address the vulnerabilities tracked as CVE-2022-20625, CVE-2022-20624, and CVE-2022-20623, which have CVSS scores of 4.3, 8.6, and 8.6 respectively. Only CVE-2022-20625 has a known workaround.
CVE-2022-20625 was found in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software. It allows an unauthorized, adjacent attacker to cause the service to restart, resulting in a denial of service condition. The flaw is caused by improper handling of Cisco Discovery Protocol messages processed by the Cisco Discovery Protocol service, and it can be exploited by sending a series of malicious Cisco Discovery Protocol messages. Vulnerable products are:
- Firepower 4100 Series
- Firepower 9300 Security Appliances
- MDS 9000 Series Multilayer Switches
- Nexus 1000 Virtual Edge for VMware vSphere
- Nexus 1000V Switch for Microsoft Hyper-V
- Nexus 1000V Switch for VMware vSphere
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6200 Series Fabric Interconnects
- UCS 6300 Series Fabric Interconnects
- UCS 6400 Series Fabric Interconnects
CVE-2022-20624 was found in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software. It allows third parties to cause a denial of service. The flaw is caused by insufficient validation of incoming CFSoIP packets and can be exploited by sending crafted CFSoIP packets. Vulnerable products are:
- Nexus 3000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6400 Series Fabric Interconnects
CVE-2022-20623 is a vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches. It allows third parties to cause BFD traffic to be dropped. The flaw is caused by a logic error in the BFD rate limiter functionality and can be exploited by sending a crafted stream of traffic through the device. A device is vulnerable if all of the following conditions apply:
- The device is running a vulnerable version of Cisco NX-OS Software.
- The device has the BFD feature enabled (BFD is disabled by default).
- The device has a Cisco Cloud Scale ASIC installed.
The Nexus 9000 models with a Cisco Cloud Scale ASIC are:
- N9K-C92160YC-X
- N9K-C92300YC
- N9K-C92304QC
- N9K-C9232C
- N9K-C92348GC-X
- N9K-C9236C
- N9K-C9272Q
- N9K-C93108TC-EX
- N9K-C93108TC-FX
- N9K-C9316D-GX
- N9K-C93180LC-EX
- N9K-C93180YC2-FX
- N9K-C93180YC-EX
- N9K-C93180YC-FX
- N9K-C93216TC-FX2
- N9K-C93240YC-FX2
- N9K-C9332C
- N9K-C93360YC-FX2
- N9K-C9336C-FX2
- N9K-C9348GC-FXP
- N9K-C93600CD-GX
- N9K-C9364C
- N9K-C9364C-GX
- N9K-X97160YC-EX
- N9K-X97284YC-FX
- N9K-X9732C-EX
- N9K-X9732C-FX
- N9K-X9736C-EX
- N9K-X9736C-FX
- N9K-X9788TC-FX
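As an added defender-side triage example (not from the advisory or from Cisco), the following Python script applies the three CVE-2022-20623 conditions to the text of `show inventory` and `show feature`. The command output formats and the sample device output are assumed and constructed here, and the running-version check is taken as an input because fixed versions are not listed on this page.

```python
import re

# Cloud Scale ASIC models listed for CVE-2022-20623 in the summary above.
CLOUD_SCALE_PIDS = {
    "N9K-C92160YC-X", "N9K-C92300YC", "N9K-C92304QC", "N9K-C9232C", "N9K-C92348GC-X",
    "N9K-C9236C", "N9K-C9272Q", "N9K-C93108TC-EX", "N9K-C93108TC-FX", "N9K-C9316D-GX",
    "N9K-C93180LC-EX", "N9K-C93180YC2-FX", "N9K-C93180YC-EX", "N9K-C93180YC-FX",
    "N9K-C93216TC-FX2", "N9K-C93240YC-FX2", "N9K-C9332C", "N9K-C93360YC-FX2",
    "N9K-C9336C-FX2", "N9K-C9348GC-FXP", "N9K-C93600CD-GX", "N9K-C9364C", "N9K-C9364C-GX",
    "N9K-X97160YC-EX", "N9K-X97284YC-FX", "N9K-X9732C-EX", "N9K-X9732C-FX",
    "N9K-X9736C-EX", "N9K-X9736C-FX", "N9K-X9788TC-FX",
}

def inventory_pids(show_inventory: str) -> set:
    """Collect every PID (chassis and line cards) from assumed 'show inventory' text."""
    return set(re.findall(r"^PID:\s*(\S+)", show_inventory, re.MULTILINE))

def bfd_enabled(show_feature: str) -> bool:
    """True when the assumed 'show feature' table reports bfd as enabled."""
    return re.search(r"^bfd\s+\d+\s+enabled\b", show_feature, re.MULTILINE) is not None

def triage(show_inventory: str, show_feature: str, version_vulnerable: bool) -> dict:
    """Apply the advisory's three conditions; all must hold for the device to be exposed."""
    hits = inventory_pids(show_inventory) & CLOUD_SCALE_PIDS
    bfd = bfd_enabled(show_feature)
    return {
        "cloud_scale_pids": sorted(hits),
        "bfd_enabled": bfd,
        "exposed": version_vulnerable and bfd and bool(hits),
    }

# Constructed sample output (not captured from a real device).
SAMPLE_INVENTORY = """NAME: "Chassis",  DESCR: "Nexus9000 C93180YC-EX chassis"
PID: N9K-C93180YC-EX     ,  VID: V02 ,  SN: XXXXXXXXXXX
NAME: "Slot 1",  DESCR: "48x10/25G + 6x40/100G Ethernet Module"
PID: N9K-C93180YC-EX     ,  VID: V02 ,  SN: XXXXXXXXXXX
"""
SAMPLE_FEATURE = """Feature Name          Instance  State
--------------------  --------  --------
bfd                   1         enabled
bgp                   1         enabled
"""

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY, SAMPLE_FEATURE, version_vulnerable=True))
```

A device where any one condition fails (BFD left at its disabled default, a patched release, or no Cloud Scale hardware) is reported as not exposed.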
Cisco urged users to apply the updates as soon as possible.