CVE-2023-20004

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Nov 15, 2024

CWE ID 59

Summary

CVE-2023-20004 refers to three vulnerabilities discovered in the CLI of Cisco TelePresence CE and RoomOS. These vulnerabilities enable an authenticated, local attacker to overwrite arbitrary files on affected devices by exploiting improper access controls. The attacker needs a remote support user account to successfully exploit these vulnerabilities, which could result in significant data loss or system compromise. It is important to note that CVE-2023-20092 does not impact Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates to address these vulnerabilities, and there are currently no workarounds available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-20004

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations