KEVIntel

Vulnerability detail

Enriched intelligence for a single CVE

Back to KEVs

10.0

CVSS
Critical

CVE-2022-20700

PUBLISHED

Cisco Small Business RV Series Routers Vulnerabilities

Exploited in the wild Remote Low complexity No user interaction

Vendor: Cisco
Product: Cisco Small Business RV Series Router Firmware
Published: Feb 10, 2022
EPSS: —

Description

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.

windows cisa edge

CVSS scores

CVSS v3.1 10.0 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2022-03-03 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: total

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Mar 03, 2022

Timeline

CVE ID Reserved

November 02, 2021
CVE Published to Public

February 10, 2022
Added to KEVIntel

March 03, 2022