Small Business Routers: CVE-2023-20025, CVE-2023-20026 and CVE-2023-20118
Jan. 11, Cisco released a security advisory on three vulnerabilities: CVE-2023-20025, CVE-2023-20026 and CVE-2023-20118. These vulnerabilities impact Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 routers.
CVE-2023-20025 could allow a remote attacker to gain root access to the company’s Small Business RV016, RV042, RV042G and RV082 routers. This vulnerability has a CVSS score of 9.0, according to the advisory.
CVE-2023-20026 and CVE-2023-20118 could allow attackers to execute commands on affected RV016, RV042, RV042G, RV082, RV320 and RV325 routers. These two vulnerabilities have a CVSS score of 6.5, according to the advisory.
The security advisory was last updated on March 14. No workarounds are available, and no software updates to address these vulnerabilities will be forthcoming. But Cisco did share steps administrators can take to reduce the risk associated with these vulnerabilities. The company recommends disabling remote management and blocking access to ports 443 and 60443.
The Cisco PSIRT noted that proof-of-concept exploit code is available for CVE-2023-20025 and CVE-2023-20026, but it did not know of any malicious use, according to the security advisory.
While several of the routers impacted by these vulnerabilities are end-of-life, it is likely that many businesses still used them at the time of the security advisory release.