CVE-2023-20210

moderate-risk
Published 2023-07-12

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.0/10 Medium
LOCAL / LOW complexity

Affected Products (20)

Broadworks Application Delivery Platform Firmware
Broadworks Application Delivery Platform Firmware
Broadworks Application Delivery Platform Firmware
Broadworks Application Server Firmware
Broadworks Application Server Firmware
Broadworks Application Server Firmware
Broadworks Database Server Firmware
Broadworks Database Server Firmware
Broadworks Database Server Firmware
Broadworks Database Troubleshooting Server Firmware
Broadworks Database Troubleshooting Server Firmware
Broadworks Database Troubleshooting Server Firmware
Broadworks Execution Server Firmware
Broadworks Execution Server Firmware
Broadworks Execution Server Firmware
Broadworks Media Server Firmware
Broadworks Media Server Firmware
Broadworks Media Server Firmware
Broadworks Messaging Server Firmware
Broadworks Messaging Server Firmware

Affected Vendors

Cisco

References (2)

Vendor Advisory https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...
Vendor Advisory https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...
45
/ 100
moderate-risk
Severity 20/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 25/34 · High