vulnerability

Cisco FTD: CVE-2023-20234: Cisco FXOS Software Arbitrary File Write Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:M/C:N/I:C/A:N)	2023-08-23	2025-01-29	2025-02-12

Severity

CVSS

(AV:L/AC:L/Au:M/C:N/I:C/A:N)

Published

2023-08-23

Added

2025-01-29

Modified

2025-02-12

Description

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.

The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

Solution

cisco-ftd-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today