Cisco SD-WAN CLI: Auth Local File Overwrite via Insufficient Input Validation
CVE-2022-20930 Published on September 30, 2022
Cisco SD-WAN Software Arbitrary File Corruption Vulnerability
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.
Vulnerability Analysis
CVE-2022-20930 is exploitable with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is an Argument Injection Vulnerability?
The software constructs a string for a command to executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
CVE-2022-20930 has been classified to as an Argument Injection vulnerability or weakness.
Products Associated with CVE-2022-20930
Want to know whenever a new CVE is published for Cisco products? stack.watch will email you.
Affected Versions
Cisco SD-WAN vManage Version n/a is affected by CVE-2022-20930Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.