Rewterz Threat Advisory – CVE-2023-20003 – Cisco Business Wireless Access Points Vulnerability

Rewterz Threat Advisory – CVE-2023-20110 – Cisco Smart Software Manager Vulnerability

May 18, 2023

Rewterz Threat Alert – Donot APT Group – Active IOCs

May 18, 2023

Rewterz Threat Advisory – CVE-2023-20003 – Cisco Business Wireless Access Points Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-20003

Cisco Business Wireless Access Points could allow a remote attacker to bypass security restrictions, caused by a logic error with the social login implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access the Guest Portal without authentication.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-25927

Affected Vendors

Cisco

Affected Products

Cisco Business 140AC APs
Cisco Business 141ACM Mesh Extenders
Cisco Business 142ACM Mesh Extenders
Cisco Business 143ACM Mesh Extenders
Cisco Business 145AC APs
Cisco Business 150AX APs
Cisco Business 151AXM Mesh Extenders
Cisco Business 240AC APs

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Threat Advisory – CVE-2023-20110 – Cisco Smart Software Manager Vulnerability

Rewterz Threat Alert – Donot APT Group – Active IOCs

Rewterz Threat Advisory – CVE-2023-20003 – Cisco Business Wireless Access Points Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan