CVE-2022-20841 — CRITICAL (9.0)

Q: How severe is CVE-2022-20841?

CVE-2022-20841 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2022-20841?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Rv160 Firmware, Cisco Rv160, Cisco Rv160W Firmware, Cisco Rv160W, Cisco Rv260 Firmware.

Vulnerability Description

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS Score

9.0

CRITICAL

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Rv160 Firmware	< 1.0.01.05
Cisco	Rv160	-
Cisco	Rv160W Firmware	< 1.0.01.05
Cisco	Rv160W	-
Cisco	Rv260 Firmware	< 1.0.01.05
Cisco	Rv260	-
Cisco	Rv260P Firmware	< 1.0.01.05
Cisco	Rv260P	-
Cisco	Rv260W Firmware	< 1.0.01.05
Cisco	Rv260W	-
Cisco	Rv340 Firmware	< 1.0.03.26
Cisco	Rv340	-
Cisco	Rv340W Firmware	< 1.0.03.26
Cisco	Rv340W	-
Cisco	Rv345 Firmware	< 1.0.03.26
Cisco	Rv345	-
Cisco	Rv345P Firmware	< 1.0.03.26
Cisco	Rv345P	-

Related Weaknesses (CWE)

CWE-20 CWE-120

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory

FAQ

What is CVE-2022-20841?

CVE-2022-20841 is a vulnerability with a CVSS score of 9.0 (CRITICAL). Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (D...

How severe is CVE-2022-20841?

CVE-2022-20841 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-20841?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Rv160 Firmware, Cisco Rv160, Cisco Rv160W Firmware, Cisco Rv160W, Cisco Rv260 Firmware.