CVE-2023-20234

CVSS 3.1 Score 6.0 of 10 (medium)

Details

Published Aug 23, 2023
Updated: Jan 25, 2024
CWE ID 732
CWE ID 73

Summary

CVE-2023-20234 is a vulnerability in the Command Line Interface (CLI) of Cisco FXOS Software. It allows an authenticated, local attacker to create or overwrite any file on the device's filesystem, including critical system files. The issue arises from a lack of validation of command parameters. An attacker can exploit this weakness by authenticating to the targeted device and using a specific CLI command. Successful exploitation can result in the overwriting of any file on the device's disk, potentially causing significant damage. To exploit this vulnerability, the attacker must have valid administrative credentials on the affected device running Cisco FXOS Software.
