Lucene search

[email protected]NVD:CVE-2023-20135

HistorySep 13, 2023 - 5:15 p.m.

CVE-2023-20135

2023-09-1317:15:09

CWE-367

CWE-347

[email protected]

web.nvd.nist.gov

cisco ios xr

software image verification

toctou race condition

iso image

arbitrary code

vulnerability

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system.

This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device.

Affected configurations

Nvd

Node

ciscoios_xrRange7.5.2–7.6

ciscoios_xrRange7.7–7.10.1

VendorProductVersionCPE
ciscoios_xr*cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	*	cpe:2.3:o:cisco:ios_xr::::::::

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-L9zOkBz5

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-20135

nessus1 cvelist1 prion1 cisco1 cve1