How serious is CVE-2022-20775?

This vulnerability has a CVSS score of 7.8 out of 10, classified as HIGH severity. Proof-of-concept exploit code is publicly available, making this an active threat.

Is there exploit code available for CVE-2022-20775?

Yes, proof-of-concept exploit code for CVE-2022-20775 is publicly available on GitHub and security research platforms. This increases the risk of active exploitation.

Which products are affected by CVE-2022-20775?

CVE-2022-20775 affects cisco catalyst sd-wan manager. Check the full CVE details for specific version information.

How do I fix CVE-2022-20775?

To remediate CVE-2022-20775, check for security patches from cisco. Apply all available updates and security patches. If no patch is available, implement recommended workarounds or security controls to mitigate the risk.

CVE-2022-20775

High

|7.8

Exploit Available

Plain English Summary

AI-powered analysis for quick understanding

An attacker with local access to the Cisco SD-WAN Software can run specially crafted commands to gain root-level control of the system, allowing them to execute any command they want. This vulnerability requires the attacker to be authenticated and have access to the command line interface.

Technical Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

CVSS Vector Analysis

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

Confidentiality ImpactHigh

Integrity ImpactHigh

Availability ImpactHigh

ScopeUnchanged

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Resources

Search for proof-of-concept code and exploit modules

GitHub Search Exploit-DB Nuclei Templates Metasploit Vulners

Official References

NIST NVD

Est. Bounty

$2,684($1K-$5K)

Vendor Response

Grade FPatched in 1244 days

Quick Information

Published

Sep 30, 2022

over 3 years ago

Last Modified

Feb 26, 2026

about 1 month ago

Vendor

cisco

Product

catalyst sd-wan manager

Related Vulnerabilities

CVE-2024-20340Medium

An attacker with a valid account on the Cisco Secure Firewall Management Center can exploit a vulnerability in its web interface to perform an SQL injection, allowing them to read sensitive database information and gain limited access to the underlying operating system. This requires the attacker to have specific roles like Security Approver or Network Admin, making it a targeted threat.

CVE-2024-20358Medium

An attacker with administrator-level access could exploit a flaw in Cisco's security software to run any command on the device's operating system with full control. This is possible because the system doesn't properly check the contents of backup files when they are restored, allowing a maliciously crafted backup to be used for the attack.