#VU80769 Permissions, Privileges, and Access Controls in Cisco IOS XR - CVE-2023-20190

Cybersecurity Help s.r.o.

Published: 2023-09-14

Vulnerability identifier: #VU80769

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-20190

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS XR
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to incorrect destination address range encoding in the compression module in the classic access control list (ACL) compression feature. A remote attacker can bypass configured ACL protections and access trusted networks that the device might be protecting.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco IOS XR: 7.2.0, 7.3, 7.4, 7.5.0, 7.6.0, 7.7.0, 7.8, 7.9

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

ACL Bypass in Cisco IOS XR Software