Rewterz Threat Alert – South Asian Espionage Bitter APT Group Campaign – Active IOCs
August 31, 2023Rewterz Threat Advisory – CVE-2023-4522 – GitLab Vulnerability
August 31, 2023Rewterz Threat Alert – South Asian Espionage Bitter APT Group Campaign – Active IOCs
August 31, 2023Rewterz Threat Advisory – CVE-2023-4522 – GitLab Vulnerability
August 31, 2023Severity
Medium
Analysis Summary
CVE-2023-20266
Cisco Unified Communications Products could allow a remote authenticated attacker to gain elevated privileges on the system, caused by not properly restrict the files that are being used for upgrades. By using a specially crafted upgrade file, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-20266
Affected Vendors
Cisco
Affected Products
- Cisco Emergency Responder
- Cisco Unity Connection
- Cisco Unified CM
- Cisco Unified CM SME
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.