Cisco has released patches to address a high-severity vulnerability, CVE-2023-20178, that affects the Cisco AnyConnect Secure Mobility Client Software and Cisco Secure Client Software. Filip Dragovic reported the vulnerability. On successful exploitation, the vulnerability may allow attackers to escalate privileges to those of the SYSTEM. No evidence is available to show the public exploitation of … Continue reading “Cisco AnyConnect Secure Mobility Client Software and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability (CVE-2023-20178)”
Tag: Privilege Escalation Vulnerability
Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities (CVE-2023-20105 and CVE-2023-20192)
Cisco has addressed privilege escalation vulnerabilities that affect Cisco Expressway Series and Cisco TelePresence Video Communication Server. CVE-2023-20105 and CVE-2023-20192 have been given Critical and High severity ratings with a CVSS score of 9.6 and 8.4, respectively. CVE-2023-20105 was encountered during internal security testing by Jason Crowder of the Cisco Advanced Security Initiatives Group (ASIG). CVE-2023-20105 … Continue reading “Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities (CVE-2023-20105 and CVE-2023-20192)”
