CVE-2023-20044

Name of the Vulnerable Software and Affected Versions Cisco CX Cloud Agent (affected versions not specified)

Description A vulnerability in Cisco CX Cloud Agent could allow an authenticated, local attacker to elevate their privileges due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.