Rewterz Threat Advisory – CVE-2023-20043 – Cisco CX Cloud Agent Vulnerability
January 17, 2023Rewterz Threat Advisory – Multiple Microsoft Windows Secure Socket Tunneling Protocol (SSTP) Vulnerabilities
January 17, 2023Rewterz Threat Advisory – CVE-2023-20043 – Cisco CX Cloud Agent Vulnerability
January 17, 2023Rewterz Threat Advisory – Multiple Microsoft Windows Secure Socket Tunneling Protocol (SSTP) Vulnerabilities
January 17, 2023Severity
Medium
Analysis Summary
CVE-2023-20043
Cisco CX Cloud Agent could allow a local authenticated attacker to gain elevated privileges on the system, caused by insecure file permissions. By calling the script with the sudo command, an attacker could exploit this vulnerability to take complete control of the affected device.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-20043
Affected Vendors
Cisco
Affected Products
- Cisco CX Cloud Agent Software
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.