CVE-2022-20685

Summary

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Cyber Vision3.0.0affected
CiscoCisco Cyber Vision3.0.2affected
CiscoCisco Cyber Vision3.0.3affected
CiscoCisco Cyber Vision3.0.1affected
CiscoCisco Cyber Vision3.1.0affected
CiscoCisco Cyber Vision3.0.4affected
CiscoCisco Cyber Vision3.1.1affected
CiscoCisco Cyber Vision3.1.2affected
CiscoCisco Cyber Vision3.2.0affected
CiscoCisco Cyber Vision3.0.5affected
CiscoCisco Cyber Vision3.2.1affected
CiscoCisco Cyber Vision3.0.6affected
CiscoCisco Cyber Vision3.2.2affected
CiscoCisco Cyber Vision3.2.3affected
CiscoCisco Cyber Vision3.2.4affected
CiscoCisco Cyber Vision4.0.0affected
CiscoCisco Cyber Vision4.0.1affected
CiscoCisco Firepower Threat Defense Software6.2.3.14affected
CiscoCisco Firepower Threat Defense Software6.4.0.1affected
CiscoCisco Firepower Threat Defense Software6.2.3.7affected
CiscoCisco Firepower Threat Defense Software6.2.3affected
CiscoCisco Firepower Threat Defense Software6.4.0.2affected
CiscoCisco Firepower Threat Defense Software6.2.3.9affected
CiscoCisco Firepower Threat Defense Software6.2.3.1affected
CiscoCisco Firepower Threat Defense Software6.2.3.2affected
CiscoCisco Firepower Threat Defense Software6.4.0.5affected
CiscoCisco Firepower Threat Defense Software6.2.3.10affected
CiscoCisco Firepower Threat Defense Software6.4.0affected
CiscoCisco Firepower Threat Defense Software6.4.0.3affected
CiscoCisco Firepower Threat Defense Software6.2.3.6affected
CiscoCisco Firepower Threat Defense Software6.4.0.4affected
CiscoCisco Firepower Threat Defense Software6.2.3.15affected
CiscoCisco Firepower Threat Defense Software6.2.3.5affected
CiscoCisco Firepower Threat Defense Software6.2.3.4affected
CiscoCisco Firepower Threat Defense Software6.2.3.3affected
CiscoCisco Firepower Threat Defense Software6.2.3.8affected
CiscoCisco Firepower Threat Defense Software6.4.0.6affected
CiscoCisco Firepower Threat Defense Software6.2.3.11affected
CiscoCisco Firepower Threat Defense Software6.2.3.12affected
CiscoCisco Firepower Threat Defense Software6.2.3.13affected
CiscoCisco Firepower Threat Defense Software6.4.0.7affected
CiscoCisco Firepower Threat Defense Software6.4.0.8affected
CiscoCisco Firepower Threat Defense Software6.6.0affected
CiscoCisco Firepower Threat Defense Software6.4.0.9affected
CiscoCisco Firepower Threat Defense Software6.2.3.16affected
CiscoCisco Firepower Threat Defense Software6.6.0.1affected
CiscoCisco Firepower Threat Defense Software6.6.1affected
CiscoCisco Firepower Threat Defense Software6.4.0.10affected
CiscoCisco Firepower Threat Defense Software6.7.0affected
CiscoCisco Firepower Threat Defense Software6.4.0.11affected
CiscoCisco Firepower Threat Defense Software6.6.3affected
CiscoCisco Firepower Threat Defense Software6.7.0.1affected
CiscoCisco Firepower Threat Defense Software6.6.4affected
CiscoCisco Firepower Threat Defense Software6.4.0.12affected
CiscoCisco Firepower Threat Defense Software6.7.0.2affected
CiscoCisco Firepower Threat Defense Software7.0.0affected
CiscoCisco Firepower Threat Defense Software6.2.3.17affected
CiscoCisco Firepower Threat Defense Software7.0.0.1affected
CiscoCisco Firepower Threat Defense Software6.6.5affected
CiscoCisco Firepower Threat Defense Software6.2.3.18affected
CiscoCisco Firepower Threat Defense Software6.7.0.3affected
CiscoCisco UTD SNORT IPS Engine Software3.17.1Saffected
CiscoCisco UTD SNORT IPS Engine Software16.12.3affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.5affected
CiscoCisco UTD SNORT IPS Engine Software16.12.4affected
CiscoCisco UTD SNORT IPS Engine Software17.3.1aaffected
CiscoCisco UTD SNORT IPS Engine Software16.6.6affected
CiscoCisco UTD SNORT IPS Engine Software16.12.2affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.6affected
CiscoCisco UTD SNORT IPS Engine Software3.17.0Saffected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.3affected
CiscoCisco UTD SNORT IPS Engine SoftwareDenali-16.3.7affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.2affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.4affected
CiscoCisco UTD SNORT IPS Engine SoftwareEverest-16.6.4affected
CiscoCisco UTD SNORT IPS Engine SoftwareEverest-16.6.3affected
CiscoCisco UTD SNORT IPS Engine Software16.6.5affected
CiscoCisco UTD SNORT IPS Engine SoftwareDenali-16.3.5affected
CiscoCisco UTD SNORT IPS Engine Software17.2.1raffected
CiscoCisco UTD SNORT IPS Engine Software17.1.1affected
CiscoCisco UTD SNORT IPS Engine SoftwareEverest-16.6.2affected
CiscoCisco UTD SNORT IPS Engine Software16.6.7aaffected
CiscoCisco UTD SNORT IPS Engine SoftwareDenali-16.3.4affected
CiscoCisco UTD SNORT IPS Engine Software16.6.1affected
CiscoCisco UTD SNORT IPS Engine SoftwareDenali-16.3.9affected
CiscoCisco UTD SNORT IPS Engine SoftwareDenali-16.3.3affected
CiscoCisco UTD SNORT IPS Engine Software16.12.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.3.2affected
CiscoCisco UTD SNORT IPS Engine Software17.4.1aaffected
CiscoCisco UTD SNORT IPS Engine Software16.12.5affected
CiscoCisco UTD SNORT IPS Engine Software17.5.1affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.7affected
CiscoCisco UTD SNORT IPS Engine Software16.6.9affected
CiscoCisco UTD SNORT IPS Engine Software17.3.3affected
CiscoCisco UTD SNORT IPS Engine Software17.5.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.3.4affected
CiscoCisco UTD SNORT IPS Engine Software17.3.4aaffected
CiscoCisco UTD SNORT IPS Engine Software17.4.2affected
CiscoCisco UTD SNORT IPS Engine Software17.4.1baffected
CiscoCisco UTD SNORT IPS Engine Software17.6.1aaffected
CiscoCisco UTD SNORT IPS Engine Software16.6.10affected
CiscoCisco UTD SNORT IPS Engine Software17.7.1aaffected
CiscoCisco UTD SNORT IPS Engine Software16.12.6affected
CiscoCisco UTD SNORT IPS Engine SoftwareFuji-16.9.8affected

Weaknesses

  • CWE-190: Integer Overflow or Wraparound

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References