Vulnerability identifier: #VU67072

Vulnerability risk: Medium

CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-20923

CWE-ID: CWE-303

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
RV110W Wireless-N VPN Firewall
Hardware solutions / Routers for home users
Cisco Small Business RV130 Series VPN Routers
Hardware solutions / Routers for home users
RV130W Wireless-N Multifunction VPN Router
Hardware solutions / Routers for home users
RV215W Wireless-N VPN Router
Hardware solutions / Routers for home users

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the password validation algorithm in IPSec VPN Server authentication functionality. A remote non-authenticated attacker can bypass authentication process and gain unauthorized access to the IPSec VPN network.

Mitigation

The affected routers are no longer supported by the vendor and Cisco will not release any security patches to address this vulnerability. It is recommended to replace the affected devices.

Vulnerable software versions

RV110W Wireless-N VPN Firewall: All versions

Cisco Small Business RV130 Series VPN Routers: All versions

RV130W Wireless-N Multifunction VPN Router: All versions

RV215W Wireless-N VPN Router: All versions

---

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-vpnbypass-Cpheup9O
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwc57664
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwc57666
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwc57640

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.