• Home
  • |
  • Blog
  • |
  • How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software
How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software

The network appliances manufacturer giant Cisco published an advisory on 28 September 2022 (Updated on 29 September 2022) in which Cisco detailed about two privilege escalation vulnerabilities in Cisco SD-WAN Software. The vulnerabilities tracked as CVE-2022-20775 and CVE-2022-20818 are a High severity vulnerabilities with a CVSS score of 7.8 out of 10. The vulnerability is actually lice in the CLI of Cisco SD-WAN Software that could allow an authenticated, local attacker to gain elevated privileges on an affected system. Since this flaw allows the attacker to gain elevated privileges and run arbitrary commands as the root user which can cause potential threat to the system, it is most important to fix the CVE-2022-20775 And CVE-2022-20818 vulnerabilities. Let’s see how to fix CVE-2022-20775 And CVE-2022-20818, two privilege escalation vulnerabilities in Cisco SD-WAN Software, in this post.

A Short Note on Cisco SD-WAN Solution

Cisco SD-WAN is a software-defined wide area network (SD-WAN) solution that makes it easy to deploy and manage WAN connectivity for branch offices, cloud resources, and data centers. Cisco SD-WAN provides a single platform for all WAN connectivity needs, including point-to-point links, MPLS circuits, and Internet connections. Cisco SD-WAN offers many benefits over traditional WAN solutions, including simplified deployment and management, reduced costs, increased agility, and improved performance. Cisco SD-WAN is available as a stand-alone product or as part of the Cisco ONE Enterprise Networking bundle.

Summary of CVE-2022-20775 And CVE-2022-20818

This is an privilege escalation Vulnerability in Cisco SD-WAN Software, a solution that makes it easy to deploy and manage WAN connectivity for branch offices, cloud resources, and data centers. The flaw is due improper access controls on commands within the application CLI. This vulnerability could allow authenticated, local attacker to gain elevated privileges and run a malicious command on the application CLI on the vulnerable release which can cause attacker to execute arbitrary commands as the root user. 

Associated CVE IDCVE-2022-20775 And CVE-2022-20818
DescriptionTwo Privilege Escalation Vulnerabilities in Cisco SD-WAN
Associated ZDI ID
CVSS Score7.8 High
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Local
Attack Complexity (AC)Low
Privilege Required (PR)Low
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Cisco Products Vulnerable to CVE-2022-20775 And CVE-2022-20818

These vulnerabilities affect the below given products if they are running a vulnerable versions of Cisco SD-WAN Software:

1.      SD-WAN vEdge Routers

2.      SD-WAN vBond Orchestrator Software

3.      SD-WAN vManage Software

4.      SD-WAN vEdge Cloud Routers

5.      SD-WAN vSmart Controller Software

Note: Cisco IOS XE SD-WAN Software is the only CISCO product that is not affected by CVE-2022-20775 And CVE-2022-20818 vulnerabilities.

How to Fix CVE-2022-20775 And CVE-2022-20818- Two Privilege Escalation Vulnerabilities in Cisco SD-WAN Software?

There is no proper workaround addressing these vulnerabilities, but Cisco has released software updates for the products affected by the vulnerabilities. Updating the existing software releases of the products to the latest version is the best way to avoid vulnerability exploitation.

Below are the tables presenting the possible software releases that can fix CVE-2022-20775 and CVE-2022-20818 according to Cisco Product Security Incident Response Team (PSIRT).

CVE-2022-20775

Cisco SD-WAN Software ReleaseFirst Fixed Release
20.9Not affected
20.820.8.1
20.720.7.2
20.620.6.3
20.3Moved to a fixed release
19.2Moved to a fixed release
18.4 and previous versionsMoved to a fixed release

CVE-2022-20818

Cisco SD-WAN Software ReleaseFirst Fixed Release
20.9Not affected
20.8Moved to a fixed release
20.7Moved to a fixed release
20.6Moved to a fixed release
20.3Moved to a fixed release
19.2Moved to a fixed release
18.4 and previous versionsMoved to a fixed release

How to Upgrade the Cisco SD-WAN vEdge, vBond, and vSmart Softeare?

Follow this simple procedure to upgrade the Cisco SD-WAN vBond, and vSmart Softeare.

Source: SivakumarNetLabs

How to Upgrade the Cisco SD-WAN vManage Software?

Follow this simple procedure to upgrade the Cisco SD-WAN vManage Software.

Source: SivakumarNetLabs

Time needed: 30 minutes.

How to Upgrade the vManage Software in Cisco SD-WAN?

  1. Browse Cisco Software Download Center.

    Cisco is serving a dedicated upgrade images for Cisco SD-WAN vManage Software on its Software Download Center: https://software.cisco.com/download/home/286320995/typeCisco Software Download Center

  2. Download the upgrade image from the Cisco Software Download Center.

    Click on ‘SD-WAN Software Update’ to and select the latest version available to download. In this case we have selected v20.3.1(ED). Download both the files if needed.Downloading the upgrade image from the Cisco Software Download Center

  3. Add the Upgrade image to the Cisco vManage Software.

    To upload the image to the Software Repository, Go to Maintenance -> Software Repository in the Cisco vManage console. Click the ‘Add new Software‘ dropdown and select ‘vManage‘ option.

    Browse the image and upload the downloaded upgrade image to the Software Repository.

    Note: Upload the vmanage-20.9.1-x86_64.tar.gz before uploading the viptela-20.9.1-x86_64.tar.gz.Adding the Upgrade image to the Cisco vManage Software

  4. Apply the upgrade image.

    To apply the image, again go to Maintenance -> Software Upgrade. You will see three options, WAN Edge, Controller, and vManage. Select the vManage option. Click on the ‘Upgrade‘ then choose the version from the dropdown then click on the ‘Upgrade’ button.

    The upgradation process will take few minutes to complete.Applying the upgrade image.

  5. Activate the upgrade package.

    The activation procedure is very simple and straight. Go to Maintenance -> Software Upgrade. Select the vManage option. Click on ‘Activate‘. then choose the version from the dropdown then click on the ‘Activate‘ button. SD-WAN appliance will reboot by itself as part of the activation process. That’s it. This is how you should upgrade the vManage Software on Cisco SD-WAN.Activating the upgrade package.

  6. Verify the vManage version on Cisco SD-WAN.

    Issue this command on CLI to see the version of vManage. Alternatively, you can go to Help -> About to see the version info on the GUI console.

    # sh soft

Cisco Software Checker Utility

Cisco has published Cisco Software Checker service to search for Cisco Security Advisories for specific Cisco IOS, IOS XE, NX-OS, and NX-OS in ACI Mode software releases. We recommend to use this awesome tool from Cisco to ensure no advisories are skipped to action against the discovered known vulnerabilities.

Cisco Software Checker Utility

We hope this post would help you know how to fix CVE-2022-20775 and CVE-2022-20818, two privilege escalation vulnerabilities in Cisco SD-WAN Software. Please share this post if you find this interested. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.