Cisco has decided not to fix the dangerous vulnerability CVE-2022-20923 found in its outdated routers, whose support has long expired. The breach opens up a lot of opportunities for hackers to break into. The only solution that Cisco offers is to buy a more modern model that is still receiving security updates.
Cisco helps hackers
Cisco, which left Russia, announced that it has no plans to release patches for its routers that eliminate the new zero-day vulnerability. According to Bleeping Computer, the problem was found in several of its models at once.
Cisco veiledly explained its reluctance to make its own equipment more secure as a desire to make more money. According to its representatives, a gap with the CVE-2022-20923 index and an as yet unknown level of danger is present only in outdated models of its routers. To protect yourself from hackers, you just need to buy a more modern router, which has not yet expired support.
Cisco does not care much about the security of the owners of their routers
In other words, all users who work with expired routers are potentially vulnerable to hacker attacks due to Cisco’s unwillingness to update software in its outdated hardware. The problem concerns, in particular, the RV110W, RV130, RV130W and RV215W routers, but so far it cannot be ruled out that the final list of dangerous routers consists of a much larger number of models.
Why is it so important
Cisco is an American corporation, one of the largest suppliers of network equipment, especially enterprise class. Its portfolio includes routers, switches, IP telephony solutions, network security solutions, cable modems, Wi-Fi access points, and more.
This indicates its wide distribution around the world, but not all of its customers are ready to switch to new equipment simply because Cisco does not want to update the hardware at their disposal.
However, it is not at all necessary that every owner of an RV110W, RV130, RV130W or RV215W router will necessarily become a victim of a hacker who exploited the CVE-2022-20923 vulnerability. An attacker will be able to use it only if the IPSec VPN Server function is activated on the user’s router.
But if it is enabled, then CVE-2022-20923 opens up a wide scope for “creativity”. It bypasses authorization and gains access to the IPSec VPN network with administrator rights.
What to do
According to Cisco, prior to the publication of information about the CVE-2022-20923 breach, its Product Security Incident Response Team (PSIRT) was not aware of the availability of experimental or stable exploits for this vulnerability in the public domain. The company also claims that there has not yet been a single known case of using CVE-2022-20923 by attackers in the world for their own selfish purposes.
Routers offered by Cisco for purchase are not so easy to find in Russian retail
However, it cannot be said with complete certainty that after the publication of information about CVE-2022-20923, hackers will not start trying to hack outdated Cisco routers. In this regard, the company recommends that all owners of outdated models upgrade as soon as possible. The list of routers with no CVE-2022-20923 firmware includes RV132W, RV160 and RV160W. For example, in Russian retail, before Cisco left the country, the RV160W model was estimated at approximately 17 thousand rubles.
Cisco has a long track record of ignoring dangerous vulnerabilities in its products, particularly in routers. For example, in August 2021, the company flatly refused to release patches for the RV110W, RV130, RV130W, and RV215W routers that fix the CVE-2021-34730 gap. It is considered critical because it allows hackers to remotely execute arbitrary code on behalf of the root user (root). Cisco offered to solve the problem, as now, by switching to a more modern model.
Drones, robots and VR: what innovations are in demand in metallurgy
In June 2022, the situation repeated itself with the same four routers as a year earlier. Another critical vulnerability with index CVE-2022-20825 was found in them, which also allows remote execution of arbitrary code. The way out of the situation is simple – pay Cisco for a router of the current model.
How Cisco left Russia
Problems with the insecurity of old Cisco routers fully apply to Russian users. However, it is not so easy to buy a new model of this brand in Russia now – in early March 2022, against the backdrop of anti-Russian sanctions, Cisco suspended the supply of its products to the Russian market. In mid-June 2022, she announced her final withdrawal from the country by declaring her Russian representative office bankrupt. Along the way, Cisco decided to take out of Russia a large batch of its hardware, which it imported in February 2022.
Cisco’s unwillingness to work in Russia turned into financial difficulties for it. According to the results of the third quarter of fiscal year 2022 (which corresponds to February-April 2022), Cisco lost $200 million in revenue.
Source link & submitted by Newsicon.org