CVE-2023-20234
CVSS 3.1 Score 6.0 of 10 (medium)
Details
Summary
CVE-2023-20234 is a vulnerability affecting the Command Line Interface (CLI) of Cisco FXOS Software. It enables authenticated, local attackers to create or overwrite any file on the device's filesystem, including critical system files. The issue arises due to a lack of validation for command parameters. An attacker can exploit this weakness by authenticating to the targeted device and utilizing a specific CLI command. Successful exploitation can result in the overwriting of any file on the device's disk, potentially causing significant damage. To exploit this vulnerability, the attacker must possess valid administrative credentials on the affected Cisco FXOS Software-running device.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.