Main Vulnerability Database Vulnerabilities #VU74551

Authentication Bypass by Capture-replay in Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP - CVE-2023-20123

Published: April 6, 2023

Vulnerability identifier: #VU74551

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-20123

CWE-ID: CWE-294

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Duo Two-Factor Authentication for macOS
Duo Authentication for Windows Logon and RDP

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to session credentials do not properly expire within the offline access mode. An attacker with physical access can replay previously used multifactor authentication (MFA) codes to bypass MFA protection.

Remediation

Install updates from vendor's website.

External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-replay-knuNKd

Authentication Bypass by Capture-replay in Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP - CVE-2023-20123

Description

Remediation

External links

Please verify you're human