PT-2022-6174 · Cisco · Cisco Ios Xe

X.B

·

Published

2022-09-28

·

Updated

2022-10-27

·

CVE-2022-20855

CVSS v3.1

7.9

High

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points (affected versions not specified)
Description: A vulnerability in the self-healing functionality could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. The cause is improper checks during the restart of certain system processes. An attacker could exploit this by logging on to an affected device and executing certain CLI commands, which could allow execution of arbitrary commands on the underlying OS as root. The attacker would need valid credentials for a privilege level 15 user of the wireless controller.
Recommendations: To resolve the issue, update to a version of Cisco IOS XE Software that addresses this vulnerability. Until the update is applied, reduce exposure rather than rely on a workaround: the attack path requires an existing privilege level 15 account on the controller, so keep the set of privilege level 15 users to the minimum needed, restrict where the controller CLI can be reached from, and record the commands that privileged users run so that misuse of the affected functionality is at least visible. Treat these measures as exposure reduction only; the fix is the Cisco software update.
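The following IOS XE configuration is an added illustration of the exposure-reduction measures above; it is not from the advisory and not Cisco's recommended workaround. It limits CLI reachability to a management subnet, requires SSH, sends every privilege-15 command through TACACS+ command authorization and accounting, and logs configuration commands with the issuing user. The management subnet 10.20.30.0/24, the TACACS+ server 10.20.30.5, and the names MGMT, MGMT-HOSTS, TAC1 and TAC-GROUP are assumed placeholders.

```cisco
! Added example, not from the advisory. Placeholder values:
! management subnet 10.20.30.0/24, TACACS+ server 10.20.30.5.
aaa new-model
tacacs server TAC1
 address ipv4 10.20.30.5
 key REPLACE-WITH-SHARED-SECRET
aaa group server tacacs+ TAC-GROUP
 server name TAC1
aaa authentication login MGMT group TAC-GROUP local
aaa authorization exec MGMT group TAC-GROUP local
! Each privilege-15 command is authorized by the TACACS+ server before it runs,
! and every one is recorded (start-stop) for later review.
aaa authorization commands 15 MGMT group TAC-GROUP local
aaa accounting commands 15 MGMT start-stop group TAC-GROUP
! Only hosts on the management subnet may open a CLI session, SSH only.
ip access-list standard MGMT-HOSTS
 permit 10.20.30.0 0.0.0.255
 deny   any log
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
 login authentication MGMT
 authorization exec MGMT
 authorization commands 15 MGMT
 accounting commands 15 MGMT
! Log configuration commands to syslog with the user that issued them;
! hidekeys keeps secrets out of the log lines.
archive
 log config
  logging enable
  notify syslog contenttype plaintext
  hidekeys
```

Two points to keep in mind: the `local` fallback in the method lists means that when the TACACS+ server is unreachable, locally defined accounts can still run commands, so local privilege-15 accounts should be reviewed as carefully as the TACACS+ ones; and the vty range (`0 4` here) should match what the controller image actually exposes. None of this closes the vulnerability; it narrows who holds the credentials the attack requires and produces an audit trail of what privileged users executed.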

Weakness Enumeration

Incorrect Privilege Assignment

OS Command Injection

Related Identifiers

BDU:2023-00304
CVE-2022-20855

Affected Products

Cisco Ios Xe