Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Cyber Security

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote attacker to take control of an affected system.

Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and enables an adversary to bypass authentication controls and log in to the device through the management interface of WLC.

“This vulnerability is due to the improper implementation of the password validation algorithm,” the company said in an advisory. “An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials.”

Successful exploitation of the flaw could permit an attacker to gain administrator privileges and carry out malicious actions in a manner that allows a complete takeover of the vulnerable system.

The company stressed that the issue only affects the following products if running Cisco WLC Software Release 8.10.151.0 or Release 8.10.162.0 and have macfilter radius compatibility configured as Other –

  • 3504 Wireless Controller
  • 5520 Wireless Controller
  • 8540 Wireless Controller
  • Mobility Express, and
  • Virtual Wireless Controller (vWLC)

Users are recommended to update to version 8.10.171.0 to address the flaw. Cisco Wireless LAN Controller versions 8.9 and earlier as well as 8.10.142.0 and earlier, are not vulnerable.

Cisco, crediting an unnamed researcher at Bispok with reporting the weakness, said there is no evidence that CVE-2022-20695 is being actively exploited in the wild.

Also patched by the networking equipment major this week are 14 high severity flaws and nine medium severity issues impacting Cisco IOS XE/XR and SD-WAN vManage software, and Catalyst Digital Building Series Switches and Catalyst Micro Switches.