Skip to main content

Mds 9506 Firmware CVE-2022-20824

HIGH
Stack-based Buffer Overflow (CWE-121)
2022-08-25 psirt@cisco.com
Denial Of Service Cisco Buffer Overflow RCE Stack Overflow Mds 9506 Firmware Mds 9513 Firmware Mds 9706 Firmware Mds 9710 Firmware Mds 9718 Firmware Nexus 1000V Firmware Nexus 3016 Firmware Nexus 3016Q Firmware Nexus 3048 Firmware Nexus 3064 Firmware Nexus 3064 32T Firmware Nexus 3064 T Firmware Nexus 3064 X Firmware Nexus 3064T Firmware Nexus 3064X Firmware Nexus 3100 Firmware Nexus 3100 V Firmware Nexus 3100 Z Firmware Nexus 3100V Firmware Nexus 31108Pc V Firmware Nexus 31108Pv V Firmware Nexus 31108Tc V Firmware Nexus 31128Pq Firmware Nexus 3132C Z Firmware Nexus 3132Q Firmware Nexus 3132Q V Firmware Nexus 3132Q X Firmware Nexus 3132Q X 3132Q Xl Firmware Nexus 3132Q Xl Firmware Nexus 3164Q Firmware Nexus 3172 Firmware Nexus 3172Pq Firmware Nexus 3172Pq Xl Firmware Nexus 3172Pq Pq Xl Firmware Nexus 3172Tq Firmware Nexus 3172Tq 32T Firmware Nexus 3172Tq Xl Firmware Nexus 3200 Firmware Nexus 3232C Firmware Nexus 3264C E Firmware Nexus 3264Q Firmware Nexus 3400 Firmware Nexus 3408 S Firmware Nexus 34180Yc Firmware Nexus 34200Yc Sm Firmware Nexus 3432D S Firmware Nexus 3464C Firmware Nexus 3524 Firmware Nexus 3524 X Firmware Nexus 3524 X Xl Firmware Nexus 3524 Xl Firmware Nexus 3548 Firmware Nexus 3548 X Firmware Nexus 3548 X Xl Firmware Nexus 3548 Xl Firmware Nexus 36180Yc R Firmware Nexus 3636C R Firmware Nexus 5548P Firmware Nexus 5548Up Firmware Nexus 5596T Firmware Nexus 5596Up Firmware Nexus 5600 Firmware Nexus 56128P Firmware Nexus 5624Q Firmware Nexus 5648Q Firmware Nexus 5672Up Firmware Nexus 5672Up 16G Firmware Nexus 5696Q Firmware Nexus 6000 Firmware Nexus 6001 Firmware Nexus 6001P Firmware Nexus 6001T Firmware Nexus 6004 Firmware Nexus 6004X Firmware Nexus 7000 Firmware Nexus 7000 Supervisor 1 Firmware Nexus 7000 Supervisor 2 Firmware Nexus 7000 Supervisor 2E Firmware Nexus 7004 Firmware Nexus 7009 Firmware Nexus 7010 Firmware Nexus 7018 Firmware Nexus 7700 Firmware Nexus 7700 Supervisor 2E Firmware Nexus 7700 Supervisor 3E Firmware Nexus 7702 Firmware Nexus 7706 Firmware Nexus 7710 Firmware Nexus 7718 Firmware Nexus 9000 Firmware Nexus 9000V Firmware Nexus 9200 Firmware Nexus 92160Yc X Firmware Nexus 9221C Firmware Nexus 92300Yc Firmware Nexus 92304Qc Firmware Nexus 92348Gc X Firmware Nexus 9236C Firmware Nexus 9272Q Firmware Nexus 9300 Firmware Nexus 93108Tc Ex Firmware Nexus 93108Tc Ex 24 Firmware Nexus 93108Tc Fx Firmware Nexus 93108Tc Fx 24 Firmware Nexus 93108Tc Fx3P Firmware Nexus 93120Tx Firmware Nexus 93128 Firmware Nexus 93128Tx Firmware Nexus 9316D Gx Firmware Nexus 93180Lc Ex Firmware Nexus 93180Tc Ex Firmware Nexus 93180Yc Ex Firmware Nexus 93180Yc Ex 24 Firmware Nexus 93180Yc Fx Firmware Nexus 93180Yc Fx 24 Firmware Nexus 93180Yc Fx3 Firmware Nexus 93180Yc Fx3S Firmware Nexus 93216Tc Fx2 Firmware Nexus 93240Yc Fx2 Firmware Nexus 9332C Firmware Nexus 9332Pq Firmware Nexus 93360Yc Fx2 Firmware Nexus 9336C Fx2 Firmware Nexus 9336C Fx2 E Firmware Nexus 9336Pq Firmware Nexus 9348Gc Fxp Firmware Nexus 93600Cd Gx Firmware Nexus 9364C Firmware Nexus 9364C Gx Firmware Nexus 9372Px Firmware Nexus 9372Px E Firmware Nexus 9372Tx Firmware Nexus 9372Tx E Firmware Nexus 9396Px Firmware Nexus 9396Tx Firmware Nexus 9500 Supervisor A Firmware Nexus 9500 Supervisor B Firmware Nexus 9500R Firmware Nexus 9504 Firmware Nexus 9508 Firmware Nexus 9516 Firmware
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 25, 2022 - 19:15 nvd
HIGH 8.8

DescriptionNVD

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

AnalysisAI

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-121. A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Affected products include: Cisco Mds 9506 Firmware, Cisco Mds 9513 Firmware, Cisco Mds 9706 Firmware, Cisco Mds 9710 Firmware, Cisco Mds 9718 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2022-20824 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy