According to the security advisory published by Cisco, “It allows an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network”.
The vulnerability stems from an improper implementation of the password validation algorithm. An attacker could exploit it by logging in to the VPN from an affected device with “crafted credentials”.
A successful exploit could give the attacker privileges at the same level as an administrative user, depending on the crafted credentials that are used.
Cisco has not released patches that address this vulnerability. There are no workarounds that address this vulnerability.
This vulnerability affects the following Cisco Small Business RV Series Routers if the IPSec VPN Server feature is enabled:
- RV110W Wireless-N VPN Firewall
- RV130 VPN Router
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
To find out whether the IPSec VPN Server feature is configured on a device, log in to the web-based management interface and choose VPN > IPSec VPN Server > Setup.
Upgrade To Newer Router Models
“Cisco has not released and will not release software updates to address the vulnerability described in this advisory”.
“Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process”, the company added.
Cisco advises customers to migrate to Cisco Small Business RV132W, RV160, or RV160W Routers. Further, Cisco recommends regularly consulting the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution. Notably, CVE-2022-20923 is not the first severe security vulnerability affecting these EoL router models that Cisco has left unpatched in recent years.