Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix CVE-2022-20650- The New RCE Vulnerability In Cisco Switches?
February 25, 2022

How To Fix CVE-2022-20650- The New RCE Vulnerability In Cisco Switches?

How To Fix Cve 2022 20650 The New Rce Vulnerability In Cisco Switches

Cisco has published advisory for three high severity and one medium severity vulnerability. Successful exploitation of the vulnerabilities could take over the vulnerable Cisco appliances. The flaws CVE-2022-20650 with a base score of 8.8 is the most critical vulnerability among the four, which allows an authenticated, remote attacker to execute arbitrary commands with root privileges. We recommend all the Cisco Switch owners to read this post that tells how to fix CVE-2022-20650- the new Remote Code Execution RCE vulnerability in Cisco Switches.

List Of Other Vulnerabilities Disclosed In Cisco Switches Are:

Summary Of CVE-2022-20650:

This is the most critical vulnerability on the list. This vulnerability allows authenticated remote attackers to execute arbitrary commands with root privileges. The flaw is due to improper validation of user input data sent to the NX-API in Cisco NX-OS Software. This is an easily exploitable flaw. Attackers can exploit the flaw just by sending a crafted HTTP POST request to the NX-API of an affected Cisco Switch. 

Cisco Switches Affected By CVE-2022-20650:

The flaw affects these Switch models running these vulnerable Cisco NX-OS Software with enabled NX-API feature.

Cisco Switcher Not-Affected By CVE-2022-20650:

Cisco clearly says that these models are safe and not affected by the CVE-2022-20650 flaw. Owners of these models can ignore the vulnerability.

  • Firepower 1000 Series

  • Firepower 2100 Series

  • Firepower 4100 Series

  • Firepower 9300 Security Appliances

  • MDS 9000 Series Multilayer Switches

  • Nexus 1000 Virtual Edge for VMware vSphere

  • Nexus 1000V Switch for Microsoft Hyper-V

  • Nexus 1000V Switch for VMware vSphere

  • Nexus 7000 Series Switches

  • Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode

  • UCS 6200 Series Fabric Interconnects

  • UCS 6300 Series Fabric Interconnects

  • UCS 6400 Series Fabric Interconnects

How To Fix CVE-2022-20650- The New RCE Vulnerability In Cisco Switches?

Since the CVE-2022-20650 vulnerability is in the NX-API feature of Cisco NX-OS Software, the best and quick solution is to disable the NX-API on the devices. We recommend all the users of the affected devices update the Cisco NS-OS to the latest available version as Cisco has acknowledged the vulnerability by releasing the free software updates. 

NX-API Feature is enabled by default for local access and disabled by default for remote HTTP access on all the devices. In case you want to check the status of NX-API Feature in the Cisco Switches, just run this simple command show feature | include nxapi on the command line interface.

nxos# show feature | include nxapi
nxapi                1        enabled

Go Through These Basic NX-API Commands For Your Reference:

feature nxapiEnables NX-API.
no feature nxapiDisables NX-API.
nxapi {http | https} port portSpecifies a port.
no nxapi {http | https}Disables HTTP/HTTPS.
show nxapiDisplays port and certificate information.

Please find the full list of NX-API commands with configuration examples here.

We hope this post would help you know How to Fix CVE-2022-20650- The new RCE Vulnerability in Cisco Switches. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.



View All

Learn Something New with Free Email subscription