{"id":23250,"date":"2022-02-06T08:38:03","date_gmt":"2022-02-06T07:38:03","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=23250"},"modified":"2022-02-06T09:05:50","modified_gmt":"2022-02-06T08:05:50","slug":"cisco-drama-kritische-schwachstellen-in-small-business-routern-feb-2022","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/02\/06\/cisco-drama-kritische-schwachstellen-in-small-business-routern-feb-2022\/","title":{"rendered":"Cisco drama: Critical vulnerabilities in small business routers (Feb. 2022)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/02\/06\/cisco-drama-kritische-schwachstellen-in-small-business-routern-feb-2022\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Customers of Network supplier Cisco and its customers are currently at risk. Cisco has published a security notice regarding its small business routers (SMB) on February 2, 2022, which is quite something. There are several security holes in their firmware, three of which CVEs have been classified as critical with an index of 10\/10. It probably affects Cisco small business routers of the RV160, RV260, RV340 and RV345 series.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/b9d73569aac0402d948f3a7d11db7621\" alt=\"\" width=\"1\" height=\"1\" \/>Cisco lists the details of the vulnerabilities for the RV160, RV260, RV340 and RV345 series small business routers in <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-smb-mult-vuln-KA9PK6D\" target=\"_blank\" rel=\"noopener\">this security alert<\/a>:<\/p>\n<ul>\n<li>Execute arbitrary code<\/li>\n<li>Elevate privileges<\/li>\n<li>Execute arbitrary commands<\/li>\n<li>Bypass authentication and authorization protections<\/li>\n<li>Fetch and run unsigned software<\/li>\n<li>Cause denial of service (DoS)<\/li>\n<\/ul>\n<p>Cisco has released software updates that address these vulnerabilities. Vulnerabilities CVE-2022-20700, CVE-2022-20702, CVE-2022-20703, CVE-2022-20704, CVE-2022-20705, and CVE-2022-20706 affect the following Cisco products:<\/p>\n<ul>\n<li>RV160 VPN Routers<\/li>\n<li>RV160W Wireless-AC VPN Routers<\/li>\n<li>RV260 VPN Routers<\/li>\n<li>RV260P VPN Routers with PoE<\/li>\n<li>RV260W Wireless-AC VPN Routers<\/li>\n<li>RV340 Dual WAN Gigabit VPN Routers<\/li>\n<li>RV340W Dual WAN Gigabit Wireless-AC VPN Routers<\/li>\n<li>RV345 Dual WAN Gigabit VPN Routers<\/li>\n<li>RV345P Dual WAN Gigabit POE VPN Routers<\/li>\n<\/ul>\n<p>Vulnerabilities CVE-2022-20699, CVE-2022-20701, CVE-2022-20707, CVE-2022-20708, CVE-2022-20709, CVE-2022-20710, CVE-2022-20711, CVE-2022-20712 and CVE-2022-20749 affect only the following Cisco products:<\/p>\n<ul>\n<li>RV340 Dual WAN Gigabit VPN Routers<\/li>\n<li>RV340W Dual WAN Gigabit Wireless-AC VPN Routers<\/li>\n<li>RV345 Dual WAN Gigabit VPN Routers<\/li>\n<li>RV345P Dual WAN Gigabit POE VPN Routers<\/li>\n<\/ul>\n<p>There are no workarounds to address these vulnerabilities. CVE-2022-20699, CVE-2022-20700 and CVE-2022-20708 have a CVSS base score of 10.0. Cisco has published the <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-smb-mult-vuln-KA9PK6D#details\" target=\"_blank\" rel=\"noopener\">details<\/a> of the respective vulnerabilities as well as <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-smb-mult-vuln-KA9PK6D#fs\" target=\"_blank\" rel=\"noopener\">software updates<\/a> for various devices. Those who have such devices in use should take care of firmware updates as soon as possible.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Customers of Network supplier Cisco and its customers are currently at risk. Cisco has published a security notice regarding its small business routers (SMB) on February 2, 2022, which is quite something. There are several security holes in their firmware, &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/02\/06\/cisco-drama-kritische-schwachstellen-in-small-business-routern-feb-2022\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580],"tags":[642,69],"class_list":["post-23250","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","tag-devices","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/23250","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=23250"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/23250\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=23250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=23250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=23250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}