April 18, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-20844 – Cisco Software-Defined Application Vulnerability
October 2, 2022Rewterz Threat Update – Microsoft Exchange Zero-Day Actively Exploited In The Wild
October 2, 2022Rewterz Threat Advisory – CVE-2022-20844 – Cisco Software-Defined Application Vulnerability
October 2, 2022Rewterz Threat Update – Microsoft Exchange Zero-Day Actively Exploited In The Wild
October 2, 2022
Severity
Medium
Analysis Summary
CVE-2022-20856
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility is vulnerable to a denial of service, caused by a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. By sending specially-crafted CAPWAP Mobility packet, a remote attacker could exploit this vulnerability to cause the device to reload.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-20856
Affected Vendors
Cisco
Affected Products
- Cisco Catalyst 9800 Series Wireless Controllers
- Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9300 Series Switches
- Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9400 Series Switches
- Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9500 Series Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
