A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
Published 2023-10-25 18:17:23
Updated 2024-06-17 13:29:10

CVE-2023-20273 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Cisco IOS XE Web UI Command Injection Vulnerability
CISA required action:
Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and
CISA description:
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to d
Notes:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z; https://nvd.nist.gov/vuln/detail/CVE-2023-20273
Added on 2023-10-23 Action due date 2023-10-27

Exploit prediction scoring system (EPSS) score for CVE-2023-20273

EPSS score: 3.83% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~92% (the proportion of vulnerabilities scored at or below this score)

Metasploit modules for CVE-2023-20273

  • Cisco IOX XE Unauthenticated RCE Chain
    Disclosure Date: 2023-10-16
    First seen: 2023-11-09
    exploit/linux/misc/cisco_ios_xe_rce
    This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE devices which have the Web UI exposed. An attacker can execute a payload with root privileges. The vulnerable IOS XE versions are: 16.1.1, 16.1.2, 16.1.
  • Cisco IOX XE unauthenticated OS command execution
    Disclosure Date: 2023-10-16
    First seen: 2023-11-09
    auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273
    This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE devices which have the Web UI exposed. An attacker can execute arbitrary OS commands with root privileges. This module leverages CVE-2023-20198 to create a new ad

CVSS scores for CVE-2023-20273

Base Score | Base Severity | CVSS Vector                                  | Exploitability Score | Impact Score | Score Source        | First Seen
7.2        | HIGH          | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2                  | 5.9          | NIST                |
7.2        | HIGH          | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2                  | 5.9          | Cisco Systems, Inc. |

CWE ids for CVE-2023-20273

References for CVE-2023-20273

Products affected by CVE-2023-20273
