CVE-2023-20273
Cisco IOS XE Web UI Command Injection Vulnerability
CVSS
—
Sin CVSS
EPSS
89.6%
p100
KEV
SÍ
23 oct 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Cisco / Cisco IOS XE Web UI
Vulnerabilidad
Cisco IOS XE Web UI Command Injection Vulnerability
Añadido a KEV
23 oct 2023
Remediar antes de
27 oct 2023
Uso conocido en ransomware
No
Descripción resumida
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.
Acción requerida
Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
Notas
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z; https://nvd.nist.gov/vuln/detail/CVE-2023-20273
Sin CVEs relacionados por CWE o producto.