PT-2023-3030 · Cisco · Cisco Telepresence Ce+1

Kai Fleischman

Publicado

2023-04-19

Atualizado

2025-07-30

CVE-2023-20094

CVSS v3.1

4.3

Média

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco TelePresence CE and RoomOS (affected versions not specified)

Description A vulnerability in the software could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This issue exists due to improper bounds checks, which could be exploited by sending a crafted request to an affected device, potentially allowing an out-of-bounds read that discloses sensitive information. The vulnerability is specifically related to a buffer data boundary read issue, which could be exploited by a remote attacker to access confidential data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2023-03095

CVE-2023-20094

Produtos afetados

Cisco Telepresence Ce

Roomos

PT-2023-3030 · Cisco · Cisco Telepresence Ce+1

CVE-2023-20094

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6