Command Injection in Cisco Access Point Software



Published: 2023-03-23
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2023-20097
CWE-ID CWE-77
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Wireless LAN Controller Software
Other software / Other software solutions

6300 Series Embedded Services Access Points
Other software / Other software solutions

Aironet 4800 Access Points
Other software / Other software solutions

Catalyst IW6300 Heavy Duty Series Access Points
Other software / Other software solutions

Cisco IOS XE
Operating systems & Components / Operating system

Cisco Aironet 1540 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Aironet 1560 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Aironet 1800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Aironet 2800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Aironet 3800 Series Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Catalyst 9100 Access Points
Hardware solutions / Routers & switches, VoIP, GSM, etc

Catalyst IW9165 Heavy Duty Series
Hardware solutions / Routers & switches, VoIP, GSM, etc

Catalyst IW9165 Rugged Series
Hardware solutions / Routers & switches, VoIP, GSM, etc

Catalyst IW9167 Heavy Duty Series
Hardware solutions / Routers & switches, VoIP, GSM, etc

Integrated AP on 1100 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Command Injection

EUVDB-ID: #VU73973

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20097

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in Cisco access points (AP) software. A local administrator can pass specially crafted data to the application and execute arbitrary commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Wireless LAN Controller Software: 8.9 - 8.10

Cisco IOS XE: 16.12 - 17.9

6300 Series Embedded Services Access Points: All versions

Cisco Aironet 1540 Series Access Points: All versions

Aironet 1560 Series Access Points: All versions

Aironet 1800 Series Access Points: All versions

Aironet 2800 Series Access Points: All versions

Aironet 3800 Series Access Points: All versions

Aironet 4800 Access Points: All versions

Catalyst 9100 Access Points: All versions

Catalyst IW6300 Heavy Duty Series Access Points: All versions

Catalyst IW9165 Heavy Duty Series: All versions

Catalyst IW9165 Rugged Series: All versions

Catalyst IW9167 Heavy Duty Series: All versions

Integrated AP on 1100 Integrated Services Routers: All versions

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###