CVE-2022-20775 (GCVE-0-2022-20775)
Vulnerability from cvelistv5
Published
2022-09-30 18:45
Modified
2026-03-02 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-25 - Path Traversal: '/../filedir'
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN |
Version: 18.3.1 Version: 19.2.1 Version: 17.2.4 Version: 19.3.0 Version: 18.3.0 Version: 18.3.4 Version: 18.4.303 Version: 18.4.0.1 Version: 17.2.9 Version: 18.3.7 Version: 18.2.0 Version: 17.2.10 Version: 18.4.5 Version: 18.4.0 Version: 17.2.5 Version: 18.3.8 Version: 18.4.4 Version: 18.4.302 Version: 17.2.7 Version: 19.2.098 Version: 20.1.1 Version: 19.2.099 Version: 18.3.3 Version: 18.4.1 Version: 17.2.8 Version: 18.3.5 Version: 19.0.0 Version: 18.4.3 Version: 19.1.0 Version: 17.2.6 Version: 18.3.3.1 Version: 19.2.097 Version: 20.1.1.1 Version: 18.3.6 Version: 19.2.0 Version: 19.2.2 Version: 20.1.11 Version: 20.1.12 Version: 19.1.0a Version: 19.2.3 Version: 17.3.1ESM1 Version: 20.3.1 Version: 17.3.1ESM2 Version: 17.2.1LA Version: 20.1.2 Version: 17.3.1ESM3 Version: 19.2.929 Version: 19.2.31 Version: 20.3.2 Version: 19.2.32 Version: 17.3.2ESM1 Version: 20.3.2.1 Version: 18.4.6 Version: 20.4.1 Version: 17.3.2ESM2 Version: 19.2.4 Version: 20.4.1.1 Version: 20.3.3 Version: 20.3.809 Version: 20.3.3.1 Version: 20.5.1 Version: 20.3.811 Version: 20.1.3 Version: 20.4.1.2 Version: 17.4.2.2527 Version: 17.4.2ES1 Version: 17.3.2ESM3 Version: 20.4.2 Version: 20.3.4 Version: 20.6.1 Version: 20.6.1.1 Version: 20.6.2 Version: 20.7.1 Version: 20.4.2.1 Version: 20.3.4.1 Version: 20.5.1.1 Version: 20.6.2.1 Version: 20.3.4.2 Version: 20.4.2.2 Version: 20.6.2.2 Version: 20.5.1.2 Version: 20.7.1.1 Version: 20.3.5 Version: 20.6.3 Version: 20.7.2 Version: 20.6.3.1 Version: 20.6.4 Version: 20.3.6 Version: 20.6.5 Version: 20.3.7 Version: 20.6.5.1 Version: 20.6.4.1 Version: 20.6.3.2 Version: 20.4.2.3 Version: 20.6.1.2 Version: 20.3.4.3 Version: 20.6.5.2 Version: 20.3.3.2 Version: 20.3.7.1 Version: 20.3.5.1 Version: 20.1.3.1 Version: 20.6.5.3 Version: 20.6.3.3 Version: 20.3.7.2 Version: 20.6.5.4 Version: 20.6.4.2 Version: 20.6.5.5 Version: 20.6.3.4 Version: 20.3.8 Version: 20.6.6 Version: 20.6.7 Version: 20.6.8 |
||||||||||||||||||||||
|
||||||||||||||||||||||||
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2026-02-25
Due date: 2026-02-27
Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Used in ransomware: Unknown
Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sd-wan-priv-E6e8tEdF.html ; https://nvd.nist.gov/vuln/detail/CVE-2022-20775
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Software Privilege Escalation Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
},
{
"tags": [
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20775",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T04:55:56.395248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-02-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-20775"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T13:12:09.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-20775"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "20.1.11"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.1.0a"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "17.3.1ESM1"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "17.3.1ESM2"
},
{
"status": "affected",
"version": "17.2.1LA"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "17.3.1ESM3"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "17.3.2ESM1"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "17.3.2ESM2"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.3.809"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.3.811"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "17.4.2.2527"
},
{
"status": "affected",
"version": "17.4.2ES1"
},
{
"status": "affected",
"version": "17.3.2ESM3"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.6.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "18.4.501_ES"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "20.3.2_925"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.2.1_927"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.1.2_937"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.3.2_928"
},
{
"status": "affected",
"version": "20.3.2_929"
},
{
"status": "affected",
"version": "20.4.1.0.1"
},
{
"status": "affected",
"version": "20.3.2.1_930"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.5.0.1.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "19.2.4.0.1"
},
{
"status": "affected",
"version": "20.3.2_937"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.3.3.0.4"
},
{
"status": "affected",
"version": "20.3.3.1.2"
},
{
"status": "affected",
"version": "20.3.3.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.3.3.0.2"
},
{
"status": "affected",
"version": "20.4.1.1.5"
},
{
"status": "affected",
"version": "20.4.1.0.01"
},
{
"status": "affected",
"version": "20.4.1.0.02"
},
{
"status": "affected",
"version": "20.3.3.1.7"
},
{
"status": "affected",
"version": "20.3.3.1.5"
},
{
"status": "affected",
"version": "20.5.1.0.1"
},
{
"status": "affected",
"version": "20.3.3.1.10"
},
{
"status": "affected",
"version": "20.3.3.0.8"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.0.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.3.0.14"
},
{
"status": "affected",
"version": "19.2.4.0.8"
},
{
"status": "affected",
"version": "19.2.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.1"
},
{
"status": "affected",
"version": "20.3.2.0.5"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.5.1.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.17"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.0.18.3"
},
{
"status": "affected",
"version": "20.3.2.0.6"
},
{
"status": "affected",
"version": "20.6.0.18.4"
},
{
"status": "affected",
"version": "20.4.2.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.16"
},
{
"status": "affected",
"version": "20.3.4.0.5"
},
{
"status": "affected",
"version": "20.6.1.0.1"
},
{
"status": "affected",
"version": "20.3.4.0.6"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1EFT2"
},
{
"status": "affected",
"version": "20.3.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.11"
},
{
"status": "affected",
"version": "20.4.2.0.4"
},
{
"status": "affected",
"version": "20.3.3.0.18"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.1"
},
{
"status": "affected",
"version": "20.3.813"
},
{
"status": "affected",
"version": "20.3.4.0.19"
},
{
"status": "affected",
"version": "20.4.2.2.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.814"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.3.4.2.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.2"
},
{
"status": "affected",
"version": "20.6.2.2.2"
},
{
"status": "affected",
"version": "20.3.4.0.20"
},
{
"status": "affected",
"version": "20.6.2.2.3"
},
{
"status": "affected",
"version": "20.4.2.2.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.2.0.4"
},
{
"status": "affected",
"version": "20.4.2.2.3"
},
{
"status": "affected",
"version": "20.3.4.0.24"
},
{
"status": "affected",
"version": "20.6.2.2.7"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.3.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.2.4"
},
{
"status": "affected",
"version": "20.7.1.0.2"
},
{
"status": "affected",
"version": "20.3.5.0.8"
},
{
"status": "affected",
"version": "20.3.5.0.9"
},
{
"status": "affected",
"version": "20.3.5.0.7"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.4.0.25"
},
{
"status": "affected",
"version": "20.6.2.2.4"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.3.4.0.26"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.3.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SD-WAN vContainer",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SD-WAN vEdge Cloud",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.6.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SD-WAN vEdge Router",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "19.1.01"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "20.1.11"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.7.1.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.6.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.\r\n\r\nThis vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
}
],
"exploits": [
{
"lang": "en",
"value": "In February 2026, the Cisco PSIRT became aware of attempted exploitation of the vulnerability described in CVE-2022-20775. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-25",
"description": "Path Traversal: \u0027/../filedir\u0027",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T20:36:57.019Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sd-wan-priv-E6e8tEdF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
}
],
"source": {
"advisory": "cisco-sa-sd-wan-priv-E6e8tEdF",
"defects": [
"CSCwa52793"
],
"discovery": "EXTERNAL"
},
"title": "Cisco SD-WAN Software Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20775",
"datePublished": "2022-09-30T18:45:26.687Z",
"dateReserved": "2021-11-02T00:00:00.000Z",
"dateUpdated": "2026-03-02T13:12:09.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2022-20775",
"cwes": "[\"CWE-25\", \"CWE-282\"]",
"dateAdded": "2026-02-25",
"dueDate": "2026-02-27",
"knownRansomwareCampaignUse": "Unknown",
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sd-wan-priv-E6e8tEdF.html ; https://nvd.nist.gov/vuln/detail/CVE-2022-20775",
"product": "SD-WAN",
"requiredAction": "Please adhere to CISA\u2019s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA\u2019s Emergency Directive 26-03 (URL listed below in Notes) and CISA\u2019s \u201cHunt \u0026 Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"shortDescription": "Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco SD-WAN Path Traversal Vulnerability"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…