CVE-2023-20273
Key Information
- Vendor
- Cisco
- Status
- Cisco IOS XE Software
- Vendor
- CVE Published:
- 25 October 2023
Badges
Summary
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-20273 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
Affected Version(s)
Cisco IOS XE Software = 16.1.1
Cisco IOS XE Software = 16.1.2
Cisco IOS XE Software = 16.1.3
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Cisco patches IOS XE vulnerabilities actively being exploited
CVE-2023-20198 and CVE-2023-20273 affect Cisco IOS XE software if the web UI feature is enabled.
11 months ago
Cisco patches IOS XE zero-days used to hack over 50,000 devices
Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week.
11 months ago
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
🚨 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install malware.
11 months ago
EPSS Score
3% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published.
First article discovered by The Hacker News
- 👾
Exploit exists.
Vulnerability Reserved.