High severity · 7.7 · NVD Advisory · Published Oct 10, 2022 · Updated May 27, 2026

CVE-2022-20920

Description

An authenticated remote attacker can cause a denial of service (DoS) on Cisco IOS and IOS XE devices by sending specially crafted SSH requests, leading to a device reload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability exists in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software. It is due to improper handling of resources during an exceptional situation. An authenticated, remote attacker can exploit this by continuously connecting to an affected device and sending specific SSH requests. Affected versions include various releases of Cisco IOS and IOS XE; see the Cisco Security Advisory for exact version ranges [1].

Exploitation

An attacker must have valid authentication credentials to the device. The attacker then continuously establishes SSH connections and sends specific SSH requests that trigger the resource handling flaw. No user interaction is required beyond the initial authentication. The attack can be performed remotely over the network.

Impact

Successful exploitation causes the affected device to reload, resulting in a denial of service (DoS) condition. This can disrupt network operations until the device recovers. The impact is limited to availability; no data confidentiality or integrity is compromised.

Mitigation

Cisco has released free software updates to address this vulnerability. Customers with service contracts should obtain fixes through their usual update channels. For customers without service contracts, Cisco provides instructions in the advisory [1]. No workarounds are mentioned; upgrading to a fixed version is recommended.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE. The mechanics section is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1
