#VU64963 Improper Neutralization of Null Byte or NUL Character in Expressway Series and Cisco TelePresence Video Communication Server - CVE-2022-20813

Cybersecurity Help s.r.o.

Published: 2022-07-07

Vulnerability identifier: #VU64963

Vulnerability risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-20813

CWE-ID: CWE-158

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Expressway Series
Server applications / Conferencing, Collaboration and VoIP solutions
Cisco TelePresence Video Communication Server
Server applications / Other server solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper certificate validation. A remote attacker can perform a man-in-the-middle attack and view the intercepted traffic in clear text or alter the contents of the traffic.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Expressway Series: 14.0

Cisco TelePresence Video Communication Server: 14.0

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server