CVE-2022-20685

Q: What is the severity of CVE-2022-20685?

CVE-2022-20685 has a CVSS score of 7.5 (HIGH). An integer overflow vulnerability in Snort's Modbus preprocessor allows remote attackers to cause denial of service by sending crafted Modbus traffic. This affects devices running vulnerable Snort versions, causing traffic inspection to stop when exploited. Cisco has confirmed this vulnerability affects multiple products using Snort.

7.5 HIGH

Denial of Service

📋 TL;DR

An integer overflow vulnerability in Snort's Modbus preprocessor allows remote attackers to cause denial of service by sending crafted Modbus traffic. This affects devices running vulnerable Snort versions, causing traffic inspection to stop when exploited. Cisco has confirmed this vulnerability affects multiple products using Snort.

💻 Affected Systems

Products:

Cisco Firepower Threat Defense (FTD)
Cisco Firepower Management Center (FMC)
Other products using vulnerable Snort versions

Versions: Multiple versions prior to fixes released in 2022

Operating Systems: Linux-based systems running Cisco FTD/FMC

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems with Snort configured to process Modbus traffic. The vulnerability is in the Modbus preprocessor component.

📦 What is this software?

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Cyber Vision by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Firepower Threat Defense by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco

Unified Threat Defense Snort Intrusion Prevention System Engine by Cisco