CWE: CWE-22, CWE-79

CVE-2022-20725: Cisco IOx Application Hosting Environment Vulnerabilities

First published: Fri Apr 15 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Credit: ykramarz@cisco.com

Affected Software | Affected Version | How to fix
Cisco CGR 1000 Compute Module
Cisco IC3000 Industrial Compute Gateway firmware
Cisco IR510 Operating System
Cisco IOS=15.2(5)e1
Cisco IOS=15.2(5)e2c
Cisco IOS=15.2(6)e0a
Cisco IOS=15.2(6)e1
Cisco IOS=15.2(6)e2a
Cisco IOS=15.2(7)e
Cisco IOS=15.2(7)e0b
Cisco IOS=15.2(7)e0s
Cisco IOS=15.6(1)t1
Cisco IOS=15.6(1)t2
Cisco IOS=15.6(1)t3
Cisco IOS=15.6(2)t
Cisco IOS=15.6(2)t0a
Cisco IOS=15.6(2)t1
Cisco IOS=15.6(2)t2
Cisco IOS=15.6(2)t3
Cisco IOS=15.6(3)m
Cisco IOS=15.6(3)m0a
Cisco IOS=15.6(3)m1
Cisco IOS=15.6(3)m1a
Cisco IOS=15.6(3)m1b
Cisco IOS=15.6(3)m2
Cisco IOS=15.6(3)m2a
Cisco IOS=15.6(3)m3
Cisco IOS=15.6(3)m3a
Cisco IOS=15.6(3)m4
Cisco IOS=15.6(3)m5
Cisco IOS=15.6(3)m6
Cisco IOS=15.6(3)m6a
Cisco IOS=15.6(3)m6b
Cisco IOS=15.6(3)m7
Cisco IOS=15.6(3)m8
Cisco IOS=15.6(3)m9
Cisco IOS=15.7(3)m
Cisco IOS=15.7(3)m0a
Cisco IOS=15.7(3)m1
Cisco IOS=15.7(3)m2
Cisco IOS=15.7(3)m3
Cisco IOS=15.7(3)m4
Cisco IOS=15.7(3)m4a
Cisco IOS=15.7(3)m4b
Cisco IOS=15.7(3)m5
Cisco IOS=15.7(3)m6
Cisco IOS=15.7(3)m7
Cisco IOS=15.7(3)m8
Cisco IOS=15.7(3)m9
Cisco IOS=15.8(3)m
Cisco IOS=15.8(3)m0a
Cisco IOS=15.8(3)m0b
Cisco IOS=15.8(3)m1
Cisco IOS=15.8(3)m1a
Cisco IOS=15.8(3)m2
Cisco IOS=15.8(3)m2a
Cisco IOS=15.8(3)m3
Cisco IOS=15.8(3)m3a
Cisco IOS=15.8(3)m3b
Cisco IOS=15.8(3)m4
Cisco IOS=15.8(3)m5
Cisco IOS=15.8(3)m6
Cisco IOS=15.8(3)m7
Cisco IOS=15.9(3)m
Cisco IOS=15.9(3)m0a
Cisco IOS=15.9(3)m1
Cisco IOS=15.9(3)m2
Cisco IOS=15.9(3)m2a
Cisco IOS=15.9(3)m3
Cisco IOS=15.9(3)m3a
Cisco IOS=15.9(3)m3b
Cisco IOS=15.9(3)m4
Cisco IOS=15.9(3)m4a
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
Cisco IOS XE=16.3.4
Cisco IOS XE=16.3.5
Cisco IOS XE=16.3.5b
Cisco IOS XE=16.3.6
Cisco IOS XE=16.3.7
Cisco IOS XE=16.3.8
Cisco IOS XE=16.3.9
Cisco IOS XE=16.3.10
Cisco IOS XE=16.3.11
Cisco IOS XE=16.4.1
Cisco IOS XE=16.4.2
Cisco IOS XE=16.4.3
Cisco IOS XE=16.5.1
Cisco IOS XE=16.5.1a
Cisco IOS XE=16.5.1b
Cisco IOS XE=16.5.2
Cisco IOS XE=16.5.3
Cisco IOS XE=16.6.1
Cisco IOS XE=16.6.2
Cisco IOS XE=16.6.3
Cisco IOS XE=16.6.4
Cisco IOS XE=16.6.4a
Cisco IOS XE=16.6.4s
Cisco IOS XE=16.6.5
Cisco IOS XE=16.6.5a
Cisco IOS XE=16.6.5b
Cisco IOS XE=16.6.6
Cisco IOS XE=16.6.7
Cisco IOS XE=16.6.7a
Cisco IOS XE=16.6.8
Cisco IOS XE=16.6.9
Cisco IOS XE=16.6.10
Cisco IOS XE=16.7.1
Cisco IOS XE=16.7.1a
Cisco IOS XE=16.7.1b
Cisco IOS XE=16.7.2
Cisco IOS XE=16.7.3
Cisco IOS XE=16.7.4
Cisco IOS XE=16.8.1
Cisco IOS XE=16.8.1a
Cisco IOS XE=16.8.1b
Cisco IOS XE=16.8.1c
Cisco IOS XE=16.8.1d
Cisco IOS XE=16.8.1e
Cisco IOS XE=16.8.1s
Cisco IOS XE=16.8.2
Cisco IOS XE=16.8.3
Cisco IOS XE=16.9.1
Cisco IOS XE=16.9.1a
Cisco IOS XE=16.9.1b
Cisco IOS XE=16.9.1c
Cisco IOS XE=16.9.1d
Cisco IOS XE=16.9.1s
Cisco IOS XE=16.9.2
Cisco IOS XE=16.9.2a
Cisco IOS XE=16.9.2s
Cisco IOS XE=16.9.3
Cisco IOS XE=16.9.3a
Cisco IOS XE=16.9.3h
Cisco IOS XE=16.9.3s
Cisco IOS XE=16.9.4
Cisco IOS XE=16.9.4c
Cisco IOS XE=16.9.5
Cisco IOS XE=16.9.5f
Cisco IOS XE=16.9.6
Cisco IOS XE=16.9.7
Cisco IOS XE=16.9.8
Cisco IOS XE=16.10.1
Cisco IOS XE=16.10.1a
Cisco IOS XE=16.10.1b
Cisco IOS XE=16.10.1c
Cisco IOS XE=16.10.1d
Cisco IOS XE=16.10.1e
Cisco IOS XE=16.10.1f
Cisco IOS XE=16.10.1g
Cisco IOS XE=16.10.1s
Cisco IOS XE=16.10.2
Cisco IOS XE=16.10.3
Cisco IOS XE=16.11.1
Cisco IOS XE=16.11.1a
Cisco IOS XE=16.11.1b
Cisco IOS XE=16.11.1c
Cisco IOS XE=16.11.1s
Cisco IOS XE=16.11.2
Cisco IOS XE=16.12.1
Cisco IOS XE=16.12.1a
Cisco IOS XE=16.12.1c
Cisco IOS XE=16.12.1s
Cisco IOS XE=16.12.1t
Cisco IOS XE=16.12.1w
Cisco IOS XE=16.12.1x
Cisco IOS XE=16.12.1y
Cisco IOS XE=16.12.2
Cisco IOS XE=16.12.2a
Cisco IOS XE=16.12.2s
Cisco IOS XE=16.12.2t
Cisco IOS XE=16.12.3
Cisco IOS XE=16.12.3a
Cisco IOS XE=16.12.3s
Cisco IOS XE=16.12.4
Cisco IOS XE=16.12.4a
Cisco IOS XE=16.12.5
Cisco IOS XE=16.12.5a
Cisco IOS XE=17.1.1
Cisco IOS XE=17.1.1a
Cisco IOS XE=17.1.1s
Cisco IOS XE=17.1.1t
Cisco IOS XE=17.1.2
Cisco IOS XE=17.1.3
Cisco IOS XE=17.2.1
Cisco IOS XE=17.2.1a
Cisco IOS XE=17.2.1r
Cisco IOS XE=17.2.1v
Cisco IOS XE=17.2.2
Cisco IOS XE=17.2.3
Cisco IOS XE=17.3.1
Cisco IOS XE=17.3.1a
Cisco IOS XE=17.3.1w
Cisco IOS XE=17.3.1x
Cisco IOS XE=17.3.1z
Cisco IOS XE=17.3.2
Cisco IOS XE=17.3.2a
Cisco IOS XE=17.3.3
Cisco IOS XE=17.3.3a
Cisco IOS XE=17.3.4
Cisco IOS XE=17.3.4a
Cisco IOS XE=17.3.4b
Cisco IOS XE=17.3.4c
Cisco IOS XE=17.4.1
Cisco IOS XE=17.4.1a
Cisco IOS XE=17.4.1b
Cisco IOS XE=17.4.1c
Cisco IOS XE=17.4.2
Cisco IOS XE=17.4.2a
Cisco IOS XE=17.5.1
Cisco IOS XE=17.5.1a
Cisco IOS XE=17.6.1
Cisco IOS XE=17.6.1a
Cisco 800 Series Routers
Cisco 807 Industrial Integrated Services Router
Cisco 812 3G Integrated Services Router
Cisco 819 Hardened Integrated Services Router
Cisco 819 Hardened Dual Radio 802.11n WiFi Integrated Services Router
Cisco 829 Industrial Integrated Services Router Firmware
Cisco 860vae-w Integrated Services Router
Cisco 861w Integrated Services Router
Cisco 861 Integrated Services Router
Cisco c866vae Integrated Services Router
Cisco 867 Integrated Services Router
Cisco 880-voice Integrated Services Router
Cisco Integrated Services Routers Generation 2 (ISR G2)
Cisco 881-CUBE Integrated Services Router
Cisco c881w Integrated Services Router
Cisco 886 Integrated Services Router
Cisco 886va-cube Integrated Services Router
Cisco c886vaj Integrated Services Router
Cisco 886va-w Integrated Services Router
Cisco 886vag 3g Integrated Services Router
Cisco 887 Integrated Services Router
Cisco 887v Integrated Services Router
Cisco 887va-cube Integrated Services Router
Cisco c887va Integrated Services Router
Cisco 887vagw 3G Integrated Services Router
Cisco 887vam-w Integrated Services Router
Cisco 888e-cube Integrated Services Router
Cisco 888EG 3G Integrated Services Router
Cisco 888w Integrated Services Router
Cisco 891-24x Integrated Services Router
Cisco 891w Integrated Services Router
Cisco 892 Integrated Services Router
Cisco 892f-cube Integrated Services Router
Cisco 892w Integrated Services Router
Cisco CGR 1000 Compute Module
Cisco 1120 Connected Grid Router
Cisco Aironet AP1240
Cisco IC3000 Industrial Compute Gateway firmware
Cisco IE-4000 Series Industrial Ethernet Switch
Cisco IE 4000 Series Industrial Ethernet Switch
Cisco IE-4000-4S8P4G-E Industrial Ethernet Switch
Cisco IE-4000-4T4P4G-E Industrial Ethernet Switch
Cisco IE-4000-8GS4G-E Industrial Ethernet Switch
Cisco IE-4000-8GT4G-E Industrial Ethernet Switch
Cisco IE-4000-8GT8GP4G-E Industrial Ethernet Switch
Cisco IE-4010-16S12P Industrial Ethernet Switch
Cisco IE-4010-4S24P
Cisco IR510 WPAN

Frequently Asked Questions

  • What is the severity of CVE-2022-20725?

    CVE-2022-20725 has a CVSS score that indicates high severity due to its potential for command injection and execution of arbitrary code.

  • How do I fix CVE-2022-20725?

    To fix CVE-2022-20725, update your Cisco devices to the patched versions provided in the security advisory.

  • Which Cisco products are affected by CVE-2022-20725?

    CVE-2022-20725 affects multiple Cisco platforms, including the Cisco CGR 1000, IC3000 Industrial Compute Gateway, and various Cisco IOS versions.

  • What are the potential impacts of CVE-2022-20725?

    Exploitation of CVE-2022-20725 can allow attackers to execute arbitrary commands and potentially compromise the underlying host operating system.

  • Is CVE-2022-20725 actively exploited in the wild?

    As of the last reports, there have not been confirmed active exploits of CVE-2022-20725 in the wild, but systems should be patched promptly to mitigate risks.
