Hi All
Please can you tell me if the planned upgrade we have to MR 28.6 will remediate published vulnerability CVE-2022-20685, which impacts MX84 and MX100 Meraki devices?
Kind Regards
Hi,
I believe not. Check the notes:
Meraki APs use UDP port 7351 for cloud communication and TCP ports 80 and 443 for backup communications when running MR 27 and older firmware. When running MR 28 firmware, Meraki APs will now use TCP port 443 as the primary means for cloud connectivity. In order to maintain connectivity to the Meraki cloud on MR 28+ ensure that TCP port 443 is allowed to communicate with 209.206.48.0/20 on firewalls that are deployed upstream of your Meraki APs. (Wi-Fi 6 MRs)
There is no impact on MX devices.
Hi - thanks for your reply. However, the Cisco Security Advisory for the CVE in question states as follows:
Meraki MX Software
MX14 | Migrate to a fixed release. |
MX15 | Migrate to a fixed release. |
MX16 | Hotfix planned for mid-February 2022. Release planned for March 2022. |
Hi,
I understand, but MR 28.6 is about access points, not about MX devices.
Take a look at MX 15.44.1 release notes.
Okay, thanks for pointing that out. So, would you happen to know how I can find out if the planned hotfix Cisco had for Feb 2022 for the MX devices is available, or any way to check on the devices themselves to see if the hotfix has been applied?
Kind Regards
Well, I checked the firmware available in Organization > Monitor > Firmware upgrades, and I didn't find any information related to CVE-2022-20685. Maybe you can open a ticket to check with the support team.
Okay, thank you. I have opened a ticket with Cisco TAC, but wanted to check here on the forums too.
Appreciate your replies.
Let us know 🙂
Just to round out this thread, only Meraki MX devices have been listed as impacted in Cisco's PSIRT.
The fixed release for the MX is 16.16.
Multiple Cisco Products Snort Modbus Denial of Service Vulnerability
Is it confirmed that only MX16.16 contains the fix? Not 15.44.3 or anything else?