CONFERENCE Now Live: CISO Forum Virtual Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Patches High-Severity Vulnerabilities in Business Switches

Cisco this week announced patches for two vulnerabilities impacting the NX-OS software that powers its Nexus-series business switches.

Impacting the OSPF version 3 (OSPFv3) feature of NX-OS, the first of these issues is tracked as CVE-2022-20823 and could be exploited remotely, without authentication, to cause a denial-of-service (DoS) condition.

Cisco this week announced patches for two vulnerabilities impacting the NX-OS software that powers its Nexus-series business switches.

Impacting the OSPF version 3 (OSPFv3) feature of NX-OS, the first of these issues is tracked as CVE-2022-20823 and could be exploited remotely, without authentication, to cause a denial-of-service (DoS) condition.

The flaw exists due to incomplete input validation of specific OSPFv3 packets, allowing an attacker to send a malicious OSPFv3 link-state advertisement (LSA) to a vulnerable device in order to trigger the bug.

“A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition,” Cisco notes in an advisory.

The tech giant also notes that the OSPFv3 feature is disabled by default and that an attacker can exploit the vulnerability if they can “establish a full OSPFv3 neighbor state with an affected device”.

The second NX-OS vulnerability that Cisco addressed this week can also be exploited to cause a DoS condition. Tracked as CVE-2022-20824, the bug resides in the Cisco Discovery Protocol feature and impacts the FXOS software as well.

Caused by the improper validation of specific values within a Cisco Discovery Protocol message, the flaw can be exploited by sending malicious Discovery Protocol packets to a vulnerable device.

“A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition,” Cisco explains.

Advertisement. Scroll to continue reading.

Because the Discovery Protocol is a Layer 2 protocol, an attacker looking to exploit the flaw has to be Layer 2 adjacent (in the same broadcast domain) to the affected device.

Cisco has released software updates to address these vulnerabilities and recommends that customers use the Cisco Software Checker to identify FXOS or NX-OS releases that fix the issues described in the advisories that the tool identifies.

The company says these vulnerabilities are not exploited in attacks and that it is not aware of the public existence of exploit code targeting them.

This week, Cisco also resolved CVE-2022-20921, a high-severity elevation of privilege flaw in the API implementation of ACI Multi-Site Orchestrator (MSO) caused by improper authorization on a specific API.

An attacker authenticated with non-administrator privileges could use crafted HTTP requests to exploit the vulnerability and elevate privileges to administrator.

Cisco ACI MSO releases 3.1, 3.0 and earlier were found vulnerable. ACI MSO version 3.1(1n) resolves this issue. ACI MSO release 3.2 is not affected.

According to Cisco, proof-of-concept exploit code targeting CVE-2022-20921 has been released publicly, but the company is not aware of malicious attacks targeting it.

Related: Cisco Patches High-Severity Vulnerability in Security Solutions

Related: Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability

Related: Cisco Patches Critical Vulnerability in Email Security Appliance

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Gant Redmon has joined Trustle as its new Chief Executive Officer and Board Director.

Application security firm Black Duck has appointed Sean Forkan as Chief Revenue Officer.

Jared Bartel has been named CISO at Idaho State University.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.