Cisco released security updates to address a critical vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), impacting Emergency Responder. A remote, unauthenticated attacker can exploit the vulnerability to log in to susceptible systems using hard-coded credentials that cannot be changed.
The vulnerability was discovered as part of an internal security testing activity.
“A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.” reads the advisory published by Cisco. “This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.”
The root cause of the vulnerability is the presence of hardcoded credentials for the root account, which were created during the development phase and shipped in the product.
The vulnerability impacts Emergency Responder Release 12.5(1)SU4; the IT giant fixed the issue in release 12.5(1)SU5. The company states that there are no workarounds that address this issue.
The Cisco PSIRT is not aware of any attacks exploiting this vulnerability.
Cisco last week released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software.
(SecurityAffairs – hacking, Cisco Emergency Responder)