CVE-2023-20065

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description A vulnerability in the Cisco IOx application hosting subsystem could allow an authenticated, local attacker to elevate privileges to root on an affected device. This issue is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container, potentially allowing the execution of arbitrary commands on the underlying operating system with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.