CVE-2023-20093

UNIX Symbolic Link (Symlink) Following (CWE-61)

Published: Nov 15, 2024 / Updated: 4d ago

CVSS: 4.4 | EPSS: 0.04% | Severity: Medium

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-20093.

Apr 19, 2023 at 4:07 PM / sec.cloudapps.cisco.com
CVE Assignment

NVD published the first details for CVE-2023-20093

Nov 15, 2024 at 4:15 PM
CVSS

A CVSS base score of 4.4 has been assigned.

Nov 15, 2024 at 4:20 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 10.2%)

Nov 18, 2024 at 5:15 PM

Affected Systems

Cisco/telepresence_ce

Attack Patterns

CAPEC-27: Leveraging Race Conditions via Symbolic Links

News

Medium - CVE-2023-20093 - Three vulnerabilities in the CLI of Cisco...
CVE-2023-20093
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File ...
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint and RoomOS
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality. The vulnerability allows a remote attacker to gain access to potentially sensitive information.

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
