Cisco Emergency Responder Vulnerability Attacks Root User


Cisco was reported with a critical vulnerability that could allow threat actors to log in to the affected devices as a root account. The CVE for this vulnerability has been given as CVE-2023-20101 and has a severity of 9.8 (Critical).

Cisco has released a security advisory for addressing this vulnerability, and patches have been updated for the affected products. 



Document

FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware


CVE-2023-20101: Cisco Emergency Responder Static Credentials Vulnerability

This particular vulnerability exists due to static user credentials for the root account configured during development. The root account has default and static credentials that cannot be changed or deleted.

If a threat actor successfully exploits, it could allow them to log in to the affected system and execute arbitrary commands as the root user. 

Affected Products and Fixed Versions

Affected Products Affected Versions First Vulnerable Release First Fixed Release
Cisco Emergency Responder 11.5(1) and earlier Not vulnerable Not vulnerable
Cisco Emergency Responder 12.5(1) 12.5(1)SU41 12.5(1)SU5ciscocm.CSCwh34565_PRIVILEGED_ACCESS_DISABLE.k4.cop.sha512
Cisco Emergency Responder 14 Not vulnerable Not vulnerable

There are no workarounds for this vulnerability. However, there is no evidence that this vulnerability is being exploited in the wild. 

Cisco has recommended that users of this product upgrade to the latest version of Cisco Emergency Responder to prevent this vulnerability from getting exploited.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.



Source link