PatchSiren cyber security CVE debrief
CVE-2019-1652 Cisco CVE debrief
CVE-2019-1652 is a Cisco Small Business router vulnerability involving improper input validation in the RV320 and RV325 Dual Gigabit WAN VPN Routers. CISA lists it in the Known Exploited Vulnerabilities catalog, which means it has been flagged as actively exploited or otherwise confirmed to be a real-world risk. For defenders, this is an urgent patch-and-review item for any environment that still operates these devices.
- Vendor
- Cisco
- Product
- Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2022-03-03
- Original CVE updated
- 2022-03-03
- Advisory published
- 2022-03-03
- Advisory updated
- 2022-03-03
Who should care
Network and security teams responsible for Cisco Small Business RV320/RV325 routers, especially organizations with internet-facing VPN, remote management, or small-office perimeter deployments. Asset owners, vulnerability managers, and incident responders should also treat this as high priority because it appears in CISA's Known Exploited Vulnerabilities catalog.
Technical summary
The vulnerability is described as an improper input validation issue affecting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers. The supplied source corpus does not include exploit mechanics, affected code paths, or CVSS details, but CISA's KEV entry confirms the issue is significant enough to require remediation per vendor instructions.
Defensive priority
Urgent. Because the CVE is listed in CISA KEV, it should be prioritized ahead of routine maintenance and handled as a known-exploited risk.
Recommended defensive actions
- Identify whether any Cisco Small Business RV320 or RV325 Dual Gigabit WAN VPN Routers are deployed in your environment.
- Apply vendor updates and remediation guidance as directed by Cisco and referenced by CISA.
- Verify exposure of router management and VPN interfaces, and reduce unnecessary external access until remediation is complete.
- Check for compensating controls, monitor for suspicious activity on affected devices, and validate that remediation has been applied successfully.
Evidence notes
The source corpus provided here is limited to CISA KEV metadata and official record links. CISA's KEV entry identifies the affected Cisco product family, classifies the flaw as an improper input validation vulnerability, and sets a required action of applying updates per vendor instructions. The supplied timeline shows CISA KEV dateAdded 2022-03-03 and dueDate 2022-03-17; these are remediation-context dates, not the original vulnerability creation date. No CVSS score, exploit chain details, or vendor advisory text were included in the corpus.
Official resources
-
CVE-2019-1652 CVE record
CVE.org
-
CVE-2019-1652 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply updates per vendor instructions.
-
Source item URL
cisa_kev
CISA KEV lists this CVE with dateAdded 2022-03-03 and dueDate 2022-03-17. The published/modified dates provided in the record reflect the source and CVE metadata supplied here, not the original vulnerability disclosure date.