Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple VMware Aria Operations for Networks Vulnerabilities
June 8, 2023
Rewterz
Rewterz Threat Advisory – ICS: Delta Electronics CNCSoft-B DOPSoft Vulnerability
June 8, 2023

Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-20108 CVSS:7.5

Cisco Unified CM IM&P is vulnerable to a denial of service, caused by improper validation of user-supplied input. By sending a specially crafted login message, a remote attacker could exploit this vulnerability to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating.

CVE-2023-20178 CVSS:7.8

Cisco AnyConnect Secure Mobility Client and Secure Client Software for Windows for Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an improper permissions assignment to a temporary directory created during the upgrade process. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute code with SYSTEM privileges.

CVE-2023-20006 CVSS:8.6

Cisco Expressway Series and Cisco TelePresence VCS could allow a local authenticated attacker to gain elevated privileges on the system, caused by the incorrect implementation of user role permissions. By issuing commands normally reserved for administrators with read-write capabilities, an attacker could exploit this vulnerability to execute commands beyond the sphere of their intended access level, including modifying system configuration parameters.

CVE-2023-20192 CVSS:8.4

Cisco Expressway Series and Cisco TelePresence VCS could allow a local authenticated attacker to gain elevated privileges on the system, caused by the incorrect implementation of user role permissions. By issuing commands normally reserved for administrators with read-write capabilities, an attacker could exploit this vulnerability to execute commands beyond the sphere of their intended access level, including modifying system configuration parameters.

CVE-2023-20105 CVSS:9.6

Cisco Expressway Series and Cisco TelePresence VCS could allow a remote authenticated attacker to gain elevated privileges on the system, caused by the incorrect handling of password change requests. By sending a specially crafted request to the web-based management interface, an attacker could exploit this vulnerability to alter the passwords of any user on the system, including an administrative read-write user, and then impersonate that user.

Impact

  • Denial of Service
  • Privilege Escalation

Indicators Of Compromise

CVE

  • CVE-2023-20108
  • CVE-2023-20178
  • CVE-2023-20006
  • CVE-2023-20192
  • CVE-2023-20105

Affected Vendors

Cisco

Affected Products

  • Cisco TelePresence VCS Release 14
  • Cisco Firepower Threat Defense Software 7.2.3
  • Cisco Firepower Threat Defense Software 7.2.2
  • Cisco Adaptive Security Appliance Software 9.18.2.5
  • Cisco Firepower Threat Defense Software 7.2.1
  • Cisco Adaptive Security Appliance Software 9.18.2
  • Cisco Adaptive Security Appliance Software 9.16.4
  • Cisco Secure Client Software for Windows
  • Cisco AnyConnect Secure Mobility Client Software for Window
  • Cisco Unified Communications Manager IM & Presence Service

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

CVE-2023-20108

CVE-2023-20178

CVE-2023-20006

CVE-2023-20192

CVE-2023-20105