Cisco IOS XE Software has a vulnerability in its web UI feature [CVE-2023-20198] that gives an unauthenticated remote attacker initial access: it lets the attacker issue a privilege 15 command to create a local user and password combination, after which the attacker logs in with that account as a normal user.
The attacker then exploits a second component of the web UI feature, leveraging the newly created local user to elevate privileges to root and write an implant to the file system [CVE-2023-20273].
- CVE-2023-20198 has a CVSS score of 10.0.
- CVE-2023-20273 has a CVSS score of 7.2.
A scan result for CVE-2023-20198 also applies to CVE-2023-20273: both flaws live in the same web UI feature, are reachable only while the HTTP server (ip http server / ip http secure-server) is enabled, and are fixed in the same IOS XE software updates, so a device found vulnerable to the first should be treated as vulnerable to the chain.
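The two-stage chain above leaves traces that can be checked without any vendor tooling: a programmatic configuration change made by the web UI process, a web login by an account nobody on the team created, an install operation that writes the implant, and a leftover privilege 15 local user in the running configuration. The following is an added example (not code from the original page or from Cisco) that runs those checks over constructed syslog lines and a constructed running-config excerpt. The log message formats are modelled on the ones Cisco published for this attack; the sample lines, file name, IP addresses and the expected-user allowlist are assumptions made for the example.

```python
"""Triage helpers for the CVE-2023-20198 / CVE-2023-20273 chain.

Added example, not Cisco's code. Two checks a responder can run against an
IOS XE device whose web UI has been reachable:

  1. Scan syslog for the messages the chain leaves behind.
  2. List privilege 15 local users that are not on the expected-user list,
     and report whether the HTTP server is still enabled.
"""
import re

# Message formats (assumption: as published in Cisco's advisory/Talos notes;
# adjust if your collector rewrites lines).
PROGRAMMATIC_CONFIG = re.compile(
    r"%SYS-5-CONFIG_P: Configured programmatically by process (?P<process>\S+)"
)
WEB_LOGIN = re.compile(
    r"%SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success \[user: (?P<user>[^\]]+)\] "
    r"\[Source: (?P<src>[^\]]+)\]"
)
INSTALL_OP = re.compile(
    r"%WEBUI-6-INSTALL_OPERATION_INFO: User: (?P<user>[^,]+), "
    r"Install Operation: (?P<op>\S+) (?P<file>\S+)"
)
# Account names Cisco reported seeing created by the attackers.
KNOWN_ATTACKER_USERS = {"cisco_tac_admin", "cisco_support"}

USERNAME_LINE = re.compile(r"^username (?P<user>\S+) privilege (?P<priv>\d+)", re.M)
HTTP_LINES = ("ip http server", "ip http secure-server")


def triage_syslog(lines, expected_users):
    """Return (finding_type, detail) tuples for suspicious lines."""
    findings = []
    for line in lines:
        m = PROGRAMMATIC_CONFIG.search(line)
        if m:
            # The web UI's config process (SEP_webui_wsma_http) wrote config.
            if m.group("process").startswith("SEP_webui_wsma_http"):
                findings.append(("webui_programmatic_config", m.group("process")))
            continue
        m = WEB_LOGIN.search(line)
        if m:
            user = m.group("user")
            if user in KNOWN_ATTACKER_USERS or user not in expected_users:
                findings.append(("unexpected_web_login", f"{user} from {m.group('src')}"))
            continue
        m = INSTALL_OP.search(line)
        if m:
            # Install via the web UI is how the implant was dropped.
            findings.append(("webui_install",
                             f"{m.group('user')} {m.group('op')} {m.group('file')}"))
    return findings


def unexpected_priv15_users(running_config, expected_users):
    """Privilege 15 local users not in the allowlist, sorted."""
    return sorted(
        m.group("user") for m in USERNAME_LINE.finditer(running_config)
        if int(m.group("priv")) == 15 and m.group("user") not in expected_users
    )


def http_server_enabled(running_config):
    """HTTP server lines that are present and not negated ('no ip http ...')."""
    present = {ln.strip() for ln in running_config.splitlines()}
    return [feature for feature in HTTP_LINES if feature in present]


# Constructed sample data for the example (not real device output).
SAMPLE_SYSLOG = [
    "Oct 11 03:42:12.501: %SYS-5-CONFIG_P: Configured programmatically by process "
    "SEP_webui_wsma_http from console as user on line",
    "Oct 11 03:42:13.110: %SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success "
    "[user: cisco_tac_admin] [Source: 192.0.2.10] [localport: 80] at 03:42:13 UTC Wed Oct 11 2023",
    "Oct 11 03:42:40.222: %WEBUI-6-INSTALL_OPERATION_INFO: User: cisco_tac_admin, "
    "Install Operation: ADD bootflash:/implant.conf",
    "Oct 11 08:00:00.000: %SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success "
    "[user: netops] [Source: 10.0.0.5] [localport: 443] at 08:00:00 UTC Wed Oct 11 2023",
]
SAMPLE_CONFIG = """\
hostname edge-rtr
username netops privilege 15 secret 9 $9$example
username cisco_support privilege 15 secret 5 $1$example
ip http server
no ip http secure-server
"""
EXPECTED_USERS = {"netops"}

if __name__ == "__main__":
    for kind, detail in triage_syslog(SAMPLE_SYSLOG, EXPECTED_USERS):
        print(f"[{kind}] {detail}")
    print("unexpected priv15 users:", unexpected_priv15_users(SAMPLE_CONFIG, EXPECTED_USERS))
    print("http server enabled:", http_server_enabled(SAMPLE_CONFIG))
```

Any hit from the syslog check or an unexpected privilege 15 account should be treated as a compromised device, not cleaned up in place. Cisco's interim mitigation is to disable the HTTP server (no ip http server and no ip http secure-server) or restrict it with an access class on hosts that must keep it, then move to a fixed release.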