How To Fix CVE-2022-20650- The New RCE Vulnerability In Cisco Switches?

Cisco has published advisory for three high severity and one medium severity vulnerability. Successful exploitation of the vulnerabilities could take over the vulnerable Cisco appliances. The flaws CVE-2022-20650 with a base score of 8.8 is the most critical vulnerability among the four, which allows an authenticated, remote attacker to execute arbitrary commands with root privileges. We recommend all the Cisco Switch owners to read this post that tells how to fix CVE-2022-20650- the new Remote Code Execution RCE vulnerability in Cisco Switches.

List Of Other Vulnerabilities Disclosed In Cisco Switches Are:

Summary Of CVE-2022-20650:

This is the most critical vulnerability on the list. This vulnerability allows authenticated remote attackers to execute arbitrary commands with root privileges. The flaw is due to improper validation of user input data sent to the NX-API in Cisco NX-OS Software. This is an easily exploitable flaw. Attackers can exploit the flaw just by sending a crafted HTTP POST request to the NX-API of an affected Cisco Switch. 

Cisco Switches Affected By CVE-2022-20650:

The flaw affects these Switch models running these vulnerable Cisco NX-OS Software with enabled NX-API feature.

Cisco Switcher Not-Affected By CVE-2022-20650:

Cisco clearly says that these models are safe and not affected by the CVE-2022-20650 flaw. Owners of these models can ignore the vulnerability.

How To Fix CVE-2022-20650- The New RCE Vulnerability In Cisco Switches?

Since the CVE-2022-20650 vulnerability is in the NX-API feature of Cisco NX-OS Software, the best and quick solution is to disable the NX-API on the devices. We recommend all the users of the affected devices update the Cisco NS-OS to the latest available version as Cisco has acknowledged the vulnerability by releasing the free software updates. 

NX-API Feature is enabled by default for local access and disabled by default for remote HTTP access on all the devices. In case you want to check the status of NX-API Feature in the Cisco Switches, just run this simple command show feature | include nxapi on the command line interface.

nxos# show feature | include nxapi
nxapi                1        enabled

Go Through These Basic NX-API Commands For Your Reference:

Please find the full list of NX-API commands with configuration examples here.

We hope this post would help you know How to Fix CVE-2022-20650- The new RCE Vulnerability in Cisco Switches. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles: