February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – MurenShark APT Threat Actors aka Actor210426 – Active IOCs
February 15, 2023Rewterz Threat Advisory – CVE-2023-20009 – Cisco ESA and Secure Email and Web Manager Vulnerability
February 16, 2023Rewterz Threat Alert – MurenShark APT Threat Actors aka Actor210426 – Active IOCs
February 15, 2023Rewterz Threat Advisory – CVE-2023-20009 – Cisco ESA and Secure Email and Web Manager Vulnerability
February 16, 2023
Severity
Medium
Analysis Summary
CVE-2023-20075
Cisco Email Security Appliance could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input validation in the CLI. By sending specially-crafted operating system commands, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system as the CLI process user.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2023-20075
Affected Vendors
Cisco
Affected Products
- Cisco Email Security Appliance (ESA)
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.