SARA / Free Tools / CVE / CVE-2022-20775

CVE-2022-20775 — Cisco SD-WAN Path Traversal Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.

CVSS
7.8 HIGH
EPSS
50.00% (top 34.10%)
CWE
CWE-25
Published
2022-09-30T18:45:26.687Z
Last modified
2026-03-02T13:12:09.231Z
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA KEV — Actively Exploited
Added to KEV
2026-02-25
BOD 22-01 due
2026-02-27
Ransomware use
Unknown
View KEV detail
CVE-2022-20775 on CISA KEV →

01What is this vulnerability?

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.

02Affected products

VendorProductVersions
CiscoCisco Catalyst SDWAN — 18.3.1, 19.2.1, 17.2.4, 19.3.0, 18.3.0, 18.3.4, 18.4.303, 18.4.0.1, 17.2.9, 18.3.7, 18.2.0, 17.2.10, 18.4.5, 18.4.0, 17.2.5, 18.3.8, 18.4.4, 18.4.302, 17.2.7, 19.2.098, 20.1.1, 19.2.099, 18.3.3, 18.4.1, 17.2.8, 18.3.5, 19.0.0, 18.4.3, 19.1.0, 17.2.6, 18.3.3.1, 19.2.097, 20.1.1.1, 18.3.6, 19.2.0, 19.2.2, 20.1.11, 20.1.12, 19.1.0a, 19.2.3, 17.3.1ESM1, 20.3.1, 17.3.1ESM2, 17.2.1LA, 20.1.2, 17.3.1ESM3, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 17.3.2ESM1, 20.3.2.1, 18.4.6, 20.4.1, 17.3.2ESM2, 19.2.4, 20.4.1.1, 20.3.3, 20.3.809, 20.3.3.1, 20.5.1, 20.3.811, 20.1.3, 20.4.1.2, 17.4.2.2527, 17.4.2ES1, 17.3.2ESM3, 20.4.2, 20.3.4, 20.6.1, 20.6.1.1, 20.6.2, 20.7.1, 20.4.2.1, 20.3.4.1, 20.5.1.1, 20.6.2.1, 20.3.4.2, 20.4.2.2, 20.6.2.2, 20.5.1.2, 20.7.1.1, 20.3.5, 20.6.3, 20.7.2, 20.6.3.1, 20.6.4, 20.3.6, 20.6.5, 20.3.7, 20.6.5.1, 20.6.4.1, 20.6.3.2, 20.4.2.3, 20.6.1.2, 20.3.4.3, 20.6.5.2, 20.3.3.2, 20.3.7.1, 20.3.5.1, 20.1.3.1, 20.6.5.3, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.6.4.2, 20.6.5.5, 20.6.3.4, 20.3.8, 20.6.6, 20.6.7, 20.6.8
CiscoCisco Catalyst SDWAN Manager — 20.1.12, 19.2.1, 18.4.4, 18.4.5, 20.1.1.1, 20.1.1, 19.3.0, 19.2.2, 19.2.099, 18.3.6, 18.3.7, 19.2.0, 18.3.8, 19.0.0, 19.1.0, 18.4.302, 18.4.303, 19.2.097, 19.2.098, 17.2.10, 18.3.6.1, 19.0.1a, 18.2.0, 18.4.3, 18.4.1, 17.2.8, 18.3.3.1, 18.4.0, 18.3.1, 17.2.6, 17.2.9, 18.3.4, 17.2.5, 18.3.1.1, 18.3.5, 18.4.0.1, 18.3.3, 17.2.7, 17.2.4, 18.3.0, 19.2.3, 18.4.501_ES, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 20.3.2_925, 20.3.2.1, 20.3.2.1_927, 18.4.6, 20.1.2_937, 20.4.1, 20.3.2_928, 20.3.2_929, 20.4.1.0.1, 20.3.2.1_930, 19.2.4, 20.5.0.1.1, 20.4.1.1, 20.3.3, 19.2.4.0.1, 20.3.2_937, 20.3.3.1, 20.5.1, 20.1.3, 20.3.3.0.4, 20.3.3.1.2, 20.3.3.1.1, 20.4.1.2, 20.3.3.0.2, 20.4.1.1.5, 20.4.1.0.01, 20.4.1.0.02, 20.3.3.1.7, 20.3.3.1.5, 20.5.1.0.1, 20.3.3.1.10, 20.3.3.0.8, 20.4.2, 20.4.2.0.1, 20.3.4, 20.3.3.0.14, 19.2.4.0.8, 19.2.4.0.9, 20.3.4.0.1, 20.3.2.0.5, 20.6.1, 20.5.1.0.2, 20.3.3.0.17, 20.6.1.1, 20.6.0.18.3, 20.3.2.0.6, 20.6.0.18.4, 20.4.2.0.2, 20.3.3.0.16, 20.3.4.0.5, 20.6.1.0.1, 20.3.4.0.6, 20.6.2, 20.7.1EFT2, 20.3.4.0.9, 20.3.4.0.11, 20.4.2.0.4, 20.3.3.0.18, 20.7.1, 20.6.2.1, 20.3.4.1, 20.5.1.1, 20.4.2.1, 20.4.2.1.1, 20.3.4.1.1, 20.3.813, 20.3.4.0.19, 20.4.2.2.1, 20.5.1.2, 20.3.4.2, 20.3.814, 20.4.2.2, 20.6.2.2, 20.3.4.2.1, 20.7.1.1, 20.3.4.1.2, 20.6.2.2.2, 20.3.4.0.20, 20.6.2.2.3, 20.4.2.2.2, 20.3.5, 20.6.2.0.4, 20.4.2.2.3, 20.3.4.0.24, 20.6.2.2.7, 20.6.3, 20.3.4.2.2, 20.4.2.2.4, 20.7.1.0.2, 20.3.5.0.8, 20.3.5.0.9, 20.3.5.0.7, 20.3.6, 20.3.7, 20.3.5.1, 20.3.4.3, 20.3.3.2, 20.3.7.1, 20.3.4.0.25, 20.6.2.2.4, 20.6.1.2, 20.3.4.0.26, 20.3.7.2, 20.3.8
CiscoCisco SDWAN vContainer — 18.4.5, 20.1.12, 18.3.6, 19.2.1, 19.3.0, 20.1.1, 19.2.2, 18.3.8, 18.4.3, 18.4.4, 18.4.302, 19.1.0, 18.4.303, 19.2.0, 19.2.098, 17.2.10, 18.3.7, 18.3.1, 19.2.099, 19.2.097, 18.3.4, 18.2.0, 18.3.5, 18.4.1, 17.2.5, 17.2.7, 17.2.8, 17.2.9, 18.4.0, 17.2.6, 18.3.0, 17.2.4, 18.3.3, 19.2.3, 20.3.1, 20.1.2
CiscoCisco SDWAN vEdge Cloud — 19.2.1, 20.1.12, 18.4.4, 19.3.0, 18.3.8, 19.2.2, 20.1.1, 18.3.6, 18.4.3, 18.4.302, 18.4.5, 18.4.303, 19.2.098, 19.1.0, 17.2.10, 19.0.1a, 19.2.099, 18.3.7, 19.2.097, 18.3.1, 19.2.0, 17.2.9, 18.3.4, 18.2.0, 18.4.1, 17.2.5, 18.4.0, 18.3.5, 18.3.3, 17.2.7, 17.2.6, 17.2.8, 18.3.0, 17.2.4, 19.2.3, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 18.4.6, 20.4.1, 19.2.4, 20.4.1.1, 20.3.3, 20.5.1, 20.1.3, 20.4.1.2, 20.4.2, 20.3.4, 20.6.1, 20.6.2, 20.7.1, 20.3.5, 20.6.3, 20.7.2, 20.6.4, 20.3.6, 20.6.5, 20.3.7, 20.4.2.3, 20.3.4.3, 20.6.4.1, 20.6.3.2, 20.3.5.1, 20.6.5.2, 20.3.7.1, 20.3.3.2, 20.6.1.2, 20.1.3.1, 20.6.5.3, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.3.8, 20.6.6, 20.6.7, 20.6.8
CiscoCisco SDWAN vEdge Router — 18.4.303, 18.3.7, 19.3.0, 18.2.0, 20.1.12, 19.2.099, 17.2.10, 18.3.3, 18.3.6, 19.0.0, 17.2.6, 18.4.0, 19.1.01, 19.2.098, 18.3.1, 18.4.302, 19.2.2, 18.3.5, 17.2.9, 19.1.0, 20.1.11, 19.2.097, 18.4.5, 17.2.5, 17.2.8, 18.3.8, 18.3.0, 18.4.3, 18.4.4, 19.2.1, 17.2.4, 18.3.4, 19.0.1a, 20.1.1, 17.2.7, 18.4.1, 19.2.0, 19.2.3, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 18.4.6, 20.4.1, 19.2.4, 20.4.1.1, 20.3.3, 20.5.1, 20.1.3, 20.4.1.2, 20.4.2, 20.3.4, 20.6.1, 20.6.2, 20.7.1, 20.7.1.2, 20.3.5, 20.6.3, 20.7.2, 20.6.4, 20.3.6, 20.6.5, 20.3.7, 20.6.5.1, 20.3.3.2, 20.6.4.1, 20.6.3.2, 20.3.4.3, 20.6.5.2, 20.3.7.1, 20.3.5.1, 20.6.1.2, 20.6.5.3, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.3.8, 20.6.6, 20.6.7, 20.6.8

03Active exploitation status

Yes — actively exploited. Added to the CISA KEV catalog on 2026-02-25. Ransomware use: Unknown.

04Recommended remediation

05Technical details

For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.

06Detection signatures

Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:

Open in Sigma generator →

07Related CVEs

No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.

08Timeline

09References

Want this in your SOAR or SIEM?
SARA's API returns EPSS, CVSS, KEV, and an analyst-grade summary in one call.
Read the API reference →
EPSS detail → Search KEV → Ask SARA →