Cisco Wireless LAN Controller Management Critical Vulnerability

Request an audit

Summary

Cisco have published a security advisory about an Authentication Bypass vulnerability in Cisco Wireless LAN Controller (WLC) software (CVE-2022-20695). The vulnerability has a CVSS 3.1 score of 10 (Critical).

This vulnerability could allow an unauthenticated remote attacker to bypass authentication controls and login to the device via the management interface using crafted credential input.

Cisco notes in their advisory that the vulnerability exists when a non-default device configuration is present.

Cisco have patched the vulnerability in Wireless LAN Controller 8.10.171.0.

Affected Products

This vulnerability affects the following Cisco products if they are running Cisco WLC Software Release 8.10.151.0 or Release 8.10.162.0 and have macfilter radius compatibility configured as Other:

3504 Wireless Controller
5520 Wireless Controller
8540 Wireless Controller
Mobility Express
Virtual Wireless Controller (vWLC)

Unaffected Products

Cisco have confirmed that this vulnerability does not affect the following Cisco products:

Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
Catalyst 9800 Series Wireless Controllers
Catalyst 9800 Wireless Controller for Cloud
Embedded Wireless Controller on Catalyst Access Points
Wireless LAN Controller (WLC) AireOS products not listed in the Vulnerable Products section

Cisco have confirmed that WLC 8.9 and earlier are not vulnerable and 8.10.142.0 and earlier are not vulnerable.

Mitigations

Cisco have detailed mitigations to address the vulnerability.

Option 1: No Macfilters in the Environment

Customers who do not use macfilters can reset the macfilter radius compatibility mode to the default value using the following CLI command:

wlc > config macfilter radius-compat cisco
Option 2: Macfilters in the Environment

Customers who use macfilters and who are able to change the radius server configuration to match other possible compatibility modes can modify the macfilter compatibility to either cisco or free using one of the following CLI commands:

wlc > config macfilter radius-compat cisco
wlc > config macfilter radius-compat free

Services

IT security assessment

Security & network assessment

Ethical hacking

OT/IoT security assessment

Red & Blue Teaming

M365 assessment

Governance

Decision tree

GDPR assessment

ISO 27k assessment

Social engineering

Cybersecurity maturity assessment

Networking

Security & network assessment

OT/IoT network assessment

Identify

Managed services

Network Operations Centre (NOC)

Security Operations Centre (SOC)

Network as a Service (NaaS)

Security Governance

UBA

Governance

Chief Information Security Officer (CISO)

Information Security Officer (ISO)

Social engineering

Security awareness training

Information Protection & Governance

Security & networking optimization

High-level design

Wireless/wired networking

Network Virtualisation & Automation (SDN)

SD-WAN

Endpoint security

Prevent & protect

Managed services

Security Operations Center (SOC)

CSIRT

Network Operations Centre (NOC)

Network as a Service (NaaS)

Endpoint Detection & Response

Governance

Chief Information Security Officer (CISO)

Data Protection Officer (DPO)

Detect & respond

Managed services

Network Operations Centre (NOC)

Security Operations Centre (SOC)

Network as a Service (NaaS)

CISO as a Service

DPO as a Service

Governance

Chief Information Security Officer (CISO)

Data Protection Officer (DPO)

Recover

Cisco Wireless LAN Controller Management Critical Vulnerability

Summary

Affected Products

Unaffected Products

Mitigations

Ready to discuss your security needs?