Rewterz Threat Advisory – CVE-2022-20917 – Cisco Jabber Client Software Vulnerability

October 6, 2022

Rewterz Threat Advisory – CVE-2022-20952 – Cisco AsyncOS Software for Cisco Secure Web Appliance Vulnerability

October 6, 2022

Rewterz Threat Advisory – CVE-2022-20793 – Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices Vulnerability

October 6, 2022

Severity

Medium

Analysis Summary

CVE-2022-20793

Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow a remote attacker to bypass security restrictions, caused by insufficient identity verification. By impersonating a legitimate device and responding to the pairing broadcast from an affected device, an attacker could exploit this vulnerability to access the affected device while impersonating a legitimate device.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2022-20793

Affected Vendors

Cisco

Affected Products

Cisco RoomOS Software
Cisco Telepresence CE Software
Cisco Touch 10 Devices

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-20917 – Cisco Jabber Client Software Vulnerability

Rewterz Threat Advisory – CVE-2022-20952 – Cisco AsyncOS Software for Cisco Secure Web Appliance Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.