CVE-2023-20092

UNIX Symbolic Link (Symlink) Following (CWE-61)

Published: Nov 15, 2024 / Updated: 4d ago

010
CVSS 4.4EPSS 0.04%Medium
CVE info copied to clipboard

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-20092. See article

Apr 19, 2023 at 4:07 PM / sec.cloudapps.cisco.com
CVE Assignment

NVD published the first details for CVE-2023-20092

Nov 15, 2024 at 4:15 PM
CVSS

A CVSS base score of 4.4 has been assigned.

Nov 15, 2024 at 4:20 PM / nvd
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Nov 15, 2024 at 8:58 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 10.2%)

Nov 18, 2024 at 5:16 PM
Static CVE Timeline Graph

Affected Systems

Cisco/telepresence_ce
+null more

Attack Patterns

CAPEC-27: Leveraging Race Conditions via Symbolic Links
+null more

News

Medium - CVE-2023-20004 - Three vulnerabilities in the CLI of Cisco...
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device....
CVE-2023-20093
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability
Cisco - MEDIUM - CVE-2023-20004 Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File ...
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.
CVE-2023-20004 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these...
See 7 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:High
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:High
Availability Impact:None

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI