fkie_nvd - fkie_cve-2022-20685

FKIE_CVE-2022-20685

Vulnerability from fkie_nvd - Published: 2024-11-15 16:15 - Updated: 2025-06-24 14:47

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ	Not Applicable
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	cyber_vision	3.0.0
cisco	cyber_vision	3.0.1
cisco	cyber_vision	3.0.2
cisco	cyber_vision	3.0.3
cisco	cyber_vision	3.0.4
cisco	cyber_vision	3.0.5
cisco	cyber_vision	3.0.6
cisco	cyber_vision	3.1.0
cisco	cyber_vision	3.1.1
cisco	cyber_vision	3.1.2
cisco	cyber_vision	3.2.0
cisco	cyber_vision	3.2.1
cisco	cyber_vision	3.2.2
cisco	cyber_vision	3.2.3
cisco	cyber_vision	3.2.4
cisco	cyber_vision	4.0.0
cisco	cyber_vision	4.0.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.0s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.1s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.7a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.10
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.1.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.2.1r
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1b
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.7.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7605B088-A708-40D3-806B-D7E460AE53DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3E6C71-2A80-45CE-8113-38AE35749E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6BEE46-D928-4214-A2C9-88AC63DFE2FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12C50D98-0CAE-4E61-BFFC-8E91A97BED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "162956CE-1B24-41C6-A7C5-BCA214587CD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "146D7432-4357-409A-8E6D-C9D04CF43ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "540DBCF6-3733-4E0C-94C9-58B98D13E35D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BB8A38-693D-4768-A917-81FF9E898AEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "90BCC057-5064-4FE5-B2C8-2EB14A59D763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7C20FF-6587-4E62-9318-03B4C61AC70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0536C6-5F9E-48A7-A004-F0F5FE9C83E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11FF3577-FC7E-4CAE-8B06-CAFAB97D7D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8DC147-FB97-4364-9520-6E69C282424F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D51165-6AF2-4E61-83DC-D04EC90ED435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC483F1B-D09E-486A-99FF-D7C0872C5CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA2C618-C2DA-4194-869D-1F0198A361B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.2.1r:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEB2A57-CF8F-4E87-939A-5B3EF7E5E0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA9E488-2A54-4226-B413-89D141362350",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "359EDE5C-4017-487A-B3D3-F22A42165E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D024AF06-DCB5-44B4-A985-07EDC093DBB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "373F1DDC-E1A7-496F-A86D-3724266D3143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A28594C9-139A-4EE4-81D9-C7E96A1DD886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "018F06B0-1486-4822-B2EA-4449652919EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADEC96FA-5B14-43AD-B83A-AA630941DD5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3B1688-5301-4799-9AAC-DC7ED4497AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B5FDEDF-B870-4204-BADC-92805F431BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A61788-FA7B-4506-90DF-17ED5053C3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "245ED9C3-4B16-4CC1-BC78-B4AED938C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39700C2-E83C-4ECE-9640-CEFBDD18DC4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC7F6B1-FD0C-4D68-9DA2-B34096899C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C52FF5-F2A8-41DD-A584-FD16CE143329",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A629FCAF-0F3C-43C9-8BDB-68D9EE675A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8F55F7-9FF4-4A97-925C-F828701BA18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE7D048-0D0B-4E48-8E57-192B02F5CD1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B2DC4-3971-4D60-B9F9-282332E6CBEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B88058B-F68D-4901-8BB0-30E8BE9A98B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7271541D-6563-4DE7-9085-E6CB66583C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C956E85E-B778-43E3-ABBE-4C373FF474A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31CEA23-B824-4D43-9FED-16071985C822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E59FDC96-71AC-4FC7-BA0A-1EAC301362D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DADBCC11-AF7D-41EA-B88F-F4B72F90B258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "32867BBF-E973-4B9E-895A-4E75C5F7F35F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B13ACF4-20B5-4DC8-BDDA-144AFA1DFD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D94B404-B1F4-42D4-ACF6-4F84F2B34F80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el preprocesador Modbus del motor de detecci\u00f3n Snort podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento de enteros durante el procesamiento del tr\u00e1fico Modbus. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico Modbus manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso Snort se bloquee, lo que provocar\u00eda que se detenga la inspecci\u00f3n del tr\u00e1fico. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
    }
  ],
  "id": "CVE-2022-20685",
  "lastModified": "2025-06-24T14:47:25.657",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-15T16:15:21.910",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2022-20685 (GCVE-0-2022-20685)

Vulnerability from cvelistv5 – Published: 2024-11-15 15:36 – Updated: 2025-01-27 17:48

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

cisco

References

URL

Tags

	https://sec.cloudapps.cisco.com/security/center/c…
	https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

Vendor

Product

Version

Cisco

Cisco Cyber Vision

Affected: 3.0.0
Affected: 3.0.2
Affected: 3.0.3
Affected: 3.0.1
Affected: 3.1.0
Affected: 3.0.4
Affected: 3.1.1
Affected: 3.1.2
Affected: 3.2.0
Affected: 3.0.5
Affected: 3.2.1
Affected: 3.0.6
Affected: 3.2.2
Affected: 3.2.3
Affected: 3.2.4
Affected: 4.0.0
Affected: 4.0.1

	Cisco	Cisco Firepower Threat Defense Software	Affected: 6.2.3.14 Affected: 6.4.0.1 Affected: 6.2.3.7 Affected: 6.2.3 Affected: 6.4.0.2 Affected: 6.2.3.9 Affected: 6.2.3.1 Affected: 6.2.3.2 Affected: 6.4.0.5 Affected: 6.2.3.10 Affected: 6.4.0 Affected: 6.4.0.3 Affected: 6.2.3.6 Affected: 6.4.0.4 Affected: 6.2.3.15 Affected: 6.2.3.5 Affected: 6.2.3.4 Affected: 6.2.3.3 Affected: 6.2.3.8 Affected: 6.4.0.6 Affected: 6.2.3.11 Affected: 6.2.3.12 Affected: 6.2.3.13 Affected: 6.4.0.7 Affected: 6.4.0.8 Affected: 6.6.0 Affected: 6.4.0.9 Affected: 6.2.3.16 Affected: 6.6.0.1 Affected: 6.6.1 Affected: 6.4.0.10 Affected: 6.7.0 Affected: 6.4.0.11 Affected: 6.6.3 Affected: 6.7.0.1 Affected: 6.6.4 Affected: 6.4.0.12 Affected: 6.7.0.2 Affected: 7.0.0 Affected: 6.2.3.17 Affected: 7.0.0.1 Affected: 6.6.5 Affected: 6.2.3.18 Affected: 6.7.0.3
	Cisco	Cisco UTD SNORT IPS Engine Software	Affected: 3.17.1S Affected: 16.12.3 Affected: Fuji-16.9.5 Affected: 16.12.4 Affected: 17.3.1a Affected: 16.6.6 Affected: 16.12.2 Affected: Fuji-16.9.6 Affected: 3.17.0S Affected: Fuji-16.9.3 Affected: Denali-16.3.7 Affected: Fuji-16.9.2 Affected: Fuji-16.9.4 Affected: Everest-16.6.4 Affected: Everest-16.6.3 Affected: 16.6.5 Affected: Denali-16.3.5 Affected: 17.2.1r Affected: 17.1.1 Affected: Everest-16.6.2 Affected: 16.6.7a Affected: Denali-16.3.4 Affected: 16.6.1 Affected: Denali-16.3.9 Affected: Denali-16.3.3 Affected: 16.12.1a Affected: 17.3.2 Affected: 17.4.1a Affected: 16.12.5 Affected: 17.5.1 Affected: Fuji-16.9.7 Affected: 16.6.9 Affected: 17.3.3 Affected: 17.5.1a Affected: 17.3.4 Affected: 17.3.4a Affected: 17.4.2 Affected: 17.4.1b Affected: 17.6.1a Affected: 16.6.10 Affected: 17.7.1a Affected: 16.12.6 Affected: Fuji-16.9.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-20685",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:20:05.316414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-27T17:48:32.910Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco UTD SNORT IPS Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.5"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "16.6.6"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.6"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.3"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.7"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.3"
            },
            {
              "status": "affected",
              "version": "16.6.5"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.5"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.2"
            },
            {
              "status": "affected",
              "version": "16.6.7a"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.4"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.9"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.3"
            },
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.7"
            },
            {
              "status": "affected",
              "version": "16.6.9"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "16.6.10"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-15T15:36:31.261Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-dos-9D3hJLuj",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAttention\u003c/strong\u003e: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see \u003ca href=\"https://www.cisco.com/c/en/us/products/security/secure-names.html\"\u003eMeet Cisco\u0026nbsp;Secure",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-dos-9D3hJLuj",
        "defects": [
          "CSCvz27235"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Multiple Cisco Products Snort Modbus Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20685",
    "datePublished": "2024-11-15T15:36:31.261Z",
    "dateReserved": "2021-11-02T13:28:29.055Z",
    "dateUpdated": "2025-01-27T17:48:32.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2022-20685

CVE-2022-20685 (GCVE-0-2022-20685)

Tags

Sightings

Nomenclature