Rewterz Threat Advisory – CVE-2022-20923 – Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Vulnerability

Rewterz Threat Advisory – CVE-2022-20863 – Cisco Webex App Vulnerability

September 8, 2022

Rewterz Threat Advisory – CVE-2022-3071 – Google ChromeOS Ash Vulnerability

September 8, 2022

Rewterz Threat Advisory – CVE-2022-20923 – Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-20923

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow a remote attacker to bypass security restrictions, caused by improper implementation of the password validation algorithm. By using specially-crafted credentials, an attacker could exploit this vulnerability to bypass authentication and access the IPSec VPN network.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2022-20923

Affected Vendors

Cisco

Affected Products

Cisco RV110W Wireless-N VPN Firewall
Cisco RV130W Wireless-N Multifunction VPN Router
Cisco RV215W Wireless-N VPN Router
Cisco RV130 VPN Router

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Threat Advisory – CVE-2022-20863 – Cisco Webex App Vulnerability

Rewterz Threat Advisory – CVE-2022-3071 – Google ChromeOS Ash Vulnerability

Rewterz Threat Advisory – CVE-2022-20923 – Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan