Buffer overflow in Cisco Systems, Inc products - CVE-2022-20945

 


Published: September 29, 2022


Vulnerability identifier: #VU67758
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-20945
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Cisco Aironet 1540 Series Access Points
Cisco Aironet 1560 Series Access Points
Cisco Aironet 1800 Series Access Points
Cisco 1810 Aironet Access Points
Cisco Aironet 1815 Series Access Points
Cisco Aironet 1840 Series Access Points
Cisco Aironet 1850 Series Access Points
Cisco Aironet 2800 Series Access Points
Cisco Catalyst 9800 Series Wireless Controllers
Aironet 1810w Series Access Points
Aironet 1830 Series Access Points
Aironet 4800 Access Points
Catalyst 9105AX Series Access Points
Catalyst 9115AX Series Access Points
Catalyst 9117AX Series Access Points
Catalyst 9120AX Series Access Points
Catalyst 9124AX Series
Catalyst 9130AX Series Access Points
Catalyst IW6300 Heavy Duty Series Access Points
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation of certain parameters within association request frames received by the AP. A remote attacker can send specially crafted traffic to the device, trigger a buffer overflow and perform a denial of service (DoS) attack.


Remediation

Install updates from the vendor's website.
