PT-2023-2266 · Cisco · Cisco Access Points

Matthew Street · Published 2023-03-22 · Updated 2023-04-05 · CVE-2023-20097

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Cisco access points (AP) software (affected versions not specified)

Description

A vulnerability in Cisco access points software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This issue is due to improper input validation of commands issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this by issuing a command with crafted arguments, potentially gaining full root access on the AP.

Recommendations

For all affected versions, consider restricting access to the CLI of the controller to minimize the risk of exploitation. As a temporary workaround, limiting the ability to issue commands with crafted arguments from the wireless controller to the AP could help mitigate the risk until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Weakness Enumeration

Related identifiers

BDU:2023-02025
CVE-2023-20097

Affected products

Cisco Access Points