CVE-2023-20091

UNIX Symbolic Link (Symlink) Following (CWE-61)

Published: Nov 15, 2024 / Updated: 4d ago

010
CVSS 5.1EPSS 0.04%Medium
CVE info copied to clipboard

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Timeline

First Article

Feedly found the first article mentioning CVE-2023-20091. See article

Apr 19, 2023 at 4:07 PM / sec.cloudapps.cisco.com
CVE Assignment

NVD published the first details for CVE-2023-20091

Nov 15, 2024 at 4:15 PM
CVSS

A CVSS base score of 5.1 has been assigned.

Nov 15, 2024 at 4:21 PM / nvd
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Nov 15, 2024 at 8:58 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 10.2%)

Nov 18, 2024 at 5:16 PM
Static CVE Timeline Graph

Affected Systems

Cisco/telepresence_ce
+null more

Attack Patterns

CAPEC-27: Leveraging Race Conditions via Symbolic Links
+null more

News

Medium - CVE-2023-20091 - A vulnerability in the CLI of Cisco...
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This...
CVE-2023-20091
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability
Cisco - MEDIUM - CVE-2023-20091 A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Content warning: CISCO CISCO TELEPRESENCE ENDPOINT SOFTWARE (TC/CE) CVE-2023-20091 CVE-2023-20091 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://www. cve.org/CVERecord?id=CVE-2023- 20091 https:// sec.cloudapps.cisco.com/securi ty/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-file-write-rHKwegKf # cisco # Cisco # CiscoTelePresenceEndpointSoftware (TC/CE) # CVE_2023_20091 # bot
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint and RoomOS
The vulnerability exists due to improper access control on certain CLI commands, which leads to security restrictions bypass and privilege escalation. The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
See 5 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:High
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:High
Availability Impact:Low

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI