PT-2019-3337 · Cisco · Cisco IOS XE

Published 2019-09-25 · Updated 2020-10-08 · CVE-2019-12670

CVSS v2.0: 6.8 (Medium)

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco IOS XE Software (affected versions not specified)

Description

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The issue is due to insufficient file permissions, which could be exploited by modifying files that the attacker should not have access to. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container.

Recommendations

For Cisco IOS XE Software, update to a version that includes the fix for this issue, as software updates have been released by Cisco to address this vulnerability. As a temporary workaround, consider restricting access to the IOx Guest Shell to minimize the risk of exploitation. Avoid modifying files outside the namespace of the container until the issue is resolved.

Fix

Improper Access Control

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

BDU:2019-03444
CVE-2019-12670

Affected Products

Cisco IOS XE