What is CVE-2022-20919?

CVE-2022-20919 is a high-severity vulnerability in Cisco Ios, classified under CWE-248. CVSS score: 8.6/10. Published 2022-09-30.

How severe is CVE-2022-20919?

High severity. CVSS v3 base score is 8.6 out of 10.

Is CVE-2022-20919 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cisco Ios

CVE-2022-20919

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpected…

EPSS: 0.009 (76.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Ios — versions n/a

Weakness classification (CWE)

CWE-248

Public proof-of-concept exploits

karimhabush/cyberowl

References

20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2022-20919?: CVE-2022-20919 is a high-severity vulnerability in Cisco Ios, classified under CWE-248. CVSS score: 8.6/10. Published 2022-09-30.
How severe is CVE-2022-20919?: High severity. CVSS v3 base score is 8.6 out of 10.
Is CVE-2022-20919 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.