CVE-2023-20082 — OS Command Injection in Cisco IOS XE

CWE-78 — OS Command Injection4 documents4 sources

Severity

6.8MEDIUMNVD

CNA6.1

EPSS

0.2%

top 59.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS XE Cisco IOS XE Rommon Software

Timeline

PublishedMar 23

Description

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables in …

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5cisco/cisco_ios_xe_rommon_softwaren/a

▶NVDcisco/ios_xe17.4 — 17.6.5+2

🔴Vulnerability Details

CVEList

Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability↗2023-03-23

▶

GHSA

GHSA-c6f2-hw3g-3568: A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges↗2023-03-23

▶

📋Vendor Advisories

Cisco

Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability↗2023-03-22

▶