CVE-2023-20076 — Improper Handling of Parameters in Cisco 807 Industrial Integrated Services Router Firmware

CWE-233 — Improper Handling of Parameters CWE-78 — OS Command Injection4 documents4 sources

Severity

8.8HIGHNVD

CNA7.2

EPSS

0.4%

top 41.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco 807 Industrial Integrated Services Router Firmware Cisco 809 Industrial Integrated Services Router Firmware Cisco 829 Industrial Integrated Services Router Firmware +6 more

Timeline

PublishedFeb 12

Description

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages9 packages

▶NVDcisco/ios_xe17.9.0 — 17.9.2+2

▶NVDcisco/cgr1000_firmware< 1.16.0.1

▶NVDcisco/cgr1240_firmware< 1.16.0.1

▶NVDcisco/ir510_wpan_firmware< 1.10.0.1

▶NVDcisco/ic3000_industrial_compute_gateway< 1.4.2

🔴Vulnerability Details

CVEList

Cisco IOx Application Hosting Environment Command Injection Vulnerability↗2023-02-12

▶

GHSA

GHSA-q7pv-4cxx-gq42: A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root o↗2023-02-12

▶

📋Vendor Advisories

Cisco

Cisco IOx Application Hosting Environment Command Injection Vulnerability↗2023-02-01

▶