June 7, 2023

Ciscohas patched multiple vulnerabilities across its product portfolio, including high-severity issues impacting its Secure Network Analytics and Identity Services Engine products.

Vulnerability Details

  • The first bug tracked as CVE-2023-20102, an insufficient sanitization of user-provided data parsed into memory. An authenticated, remote attacker could send crafted HTTP requests to an affected device to achieve arbitrary code execution. The vulnerability was addressed with the release of Secure Network Analytics 7.4.1-Patch SMC Rollup #5.
  • The second bug tracked as CVE-2023-20122, an improper validation of parameters sent to the restricted shell in Cisco ISE, which could lead to privilege escalation. An authenticated, local attacker could exploit the issue by sending crafted CLI commands, allowing them to escape the restricted shell and gain root privileges on the operating system. The vulnerability was addressed with the release of ISE version 3.2P1.
  • The third bug tracked as CVE-2023-20121, another improper validation of parameters flaw that impacts the restricted shell of Evolved Programmable Network Manager (EPNM), ISE, and Prime Infrastructure.
  • The fourth bug tracked as CVE-2022-20812, the flaw impacts the cluster database API of the affected products, and allows an authenticated, remote attacker to overwrite files on the affected device with root privileges. The issue exists because user-supplied command arguments are not sufficiently validated. To exploit, an attacker needs to authenticate with administrative read-write privileges and submit crafted input. A partial fix for this bug was included in the Expressway series and TelePresence VCS release 14.0.7. A full patch will be included in release 14.3, which is expected to become available in late April.
  • Two high-severity vulnerabilities tracked as CVE-2023-20117 and CVE-2023-20128 impacting Small Business RV320 and RV325 routers that could allow an authenticated, remote attacker to execute arbitrary commands on the affected devices. Since the routers are EOL, Cisco won’t release patches.

Cisco says it is not aware of any of these security defects being exploited in attacks. Detailed information on these vulnerabilities can be found on Cisco’s product security

Leave a Reply

%d bloggers like this: