Multiple vulnerabilities in Cisco IOS XE Web UI software
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-20198 CVE-2023-20273 |
| CWE-ID | CWE-269 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #1 is being exploited in the wild. Vulnerability #2 is being exploited in the wild. |
| Vulnerable software Subscribe |
Cisco IOS XE Operating systems & Components / Operating system |
| Vendor |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
Updated 23.10.2023
Added vulnerability #2
1) Improper Privilege Management
EUVDB-ID: #VU82065
Risk: Critical
CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-20198
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper privilege management in the web UI feature. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected device and create an account with privilege level 15 access.
Note, the vulnerability is being actively exploited in the wild.
Install update from vendor's website.
Vulnerable software versionsCisco IOS XE: before 17.9.4a
External linkshttp://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh87343
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
http://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/
http://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Improper Privilege Management
EUVDB-ID: #VU82295
Risk: High
CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-20273
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: Yes
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper privilege management in the web UI feature. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected device and create an account with privilege level 15 access.
Note, the vulnerability is being actively exploited in the wild.
Install update from vendor's website.
Vulnerable software versionsCisco IOS XE: before 17.9.4a
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
