Cisco WLC Vulnerability Alert

Apr 19, 2022

On Friday, April 15th, Cisco released an advisory to warn of the vulnerability tracked as CVE 2022-20695 (CVSS V3 Score 10.0)

The bug allows threat actors to login to the management console/interface of the wireless LAN controllers without a valid password- which gives access to the access points as well.



Impact:


The affected products run on Cisco WLC software 8.10.151.0 or Release 8.10.162.0 and have macfilter radius capability configured as “other” and are listed below:


  • 3504 Wireless Controller

  • 5520 Wireless Controller

  • 8540 Wireless Controller

  • Mobility Express

  • Virtual Wireless Controller (vWLC)


Cisco has also warned customers using 8.10.151.4 to 8.10.151.10 and 8.10.162.1 to 8.10.162.14 builds, not available through the Software Center, should also consider themselves vulnerable.


Updating to the latest security release, 8.10.1717.0 or later should address the vulnerability. Cisco has provided two workarounds for those who cannot update immediately. The options are listed below.



  1. reset the "macfilter radius compatibility" mode to the default by using the command: "config macfilter radius-compat cisco".

  2. change the configuration to other safe modes, such as "free", using this command: "config macfilter radius-compat free"