Cisco has released software updates for its Nexus 3000, 6000 and 9000 Series, as well as its 5500 and 5600 Platform Series switches, to address a security vulnerability that could allow malicious actors to gain root access to the affected systems.

CVE-2022-20650 was given a severity rating of 8.8 and is categorized as an injection flaw in the NX-API of Cisco's NX-OS software.

"An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the NX-API of an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system," Cisco wrote in their official release.

There are currently no workarounds, though Cisco has noted that the NX-API feature is disabled by default in these products. To check for yourself, issue the command "show feature | include nxapi" on the NX-OS command line interface and look for "disabled" in the output.
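For more than a handful of switches, the same check can be run over saved command output. The script below is an added example, not Cisco's tooling: it classifies each device from the text returned by "show feature | include nxapi" and treats empty or unparsable output as unknown rather than disabled. The hostnames, sample outputs and the three-column line layout (name, instance, state) are constructed assumptions.

```python
import re

# Constructed sample data: per-device output of `show feature | include nxapi`.
# Hostnames and the column layout (name, instance, state) are assumptions.
SAMPLE_OUTPUTS = {
    "leaf-01": "nxapi                  1          disabled\n",
    "leaf-02": "nxapi                  1          enabled\n",
    "spine-01": "",                                    # empty capture (collection failed)
    "spine-02": "% Invalid command at '^' marker.\n",  # error text, not a feature line
}

# A line whose first token is exactly "nxapi", an optional instance number,
# then the state keyword the article says to look for.
LINE_RE = re.compile(r"^\s*nxapi\s+(?:\d+\s+)?(enabled|disabled)\b", re.I | re.M)


def nxapi_state(cli_output: str) -> str:
    """Return 'enabled', 'disabled' or 'unknown' for one device's output."""
    states = {m.lower() for m in LINE_RE.findall(cli_output)}
    if "enabled" in states:
        return "enabled"      # any enabled instance means the NX-API is reachable
    if states == {"disabled"}:
        return "disabled"
    return "unknown"          # nothing parsable: never assume disabled


def triage(outputs: dict) -> dict:
    """Group devices by NX-API state so updates can be prioritised."""
    result = {"enabled": [], "disabled": [], "unknown": []}
    for host, text in sorted(outputs.items()):
        result[nxapi_state(text)].append(host)
    return result


if __name__ == "__main__":
    for state, hosts in triage(SAMPLE_OUTPUTS).items():
        print(f"{state:9} {', '.join(hosts) or '-'}")
```

Devices reported as unknown need the command re-run by hand before they are counted as disabled.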

Due to the high impact and low complexity of this exploit, it is recommended that affected systems be updated as soon as possible.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2