Headline
CVE-2023-20266: Cisco Security Advisory: Cisco Unified Communications Products Privilege Escalation Vulnerability
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device.
When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Fixed Releases
At the time of publication, the release information in the following tables was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Only the specific releases listed are affected by this vulnerability.
Cisco Emergency Responder Release
Vulnerable Releases
First Fixed Release
Earlier than 12.5(1)
Not vulnerable
Not vulnerable
12.5(1)
12.5.1SU4
12.5.1SU8a
Apply patch file ciscocm.ADD\_SIGNED\_FILTER.k4.cop.sha512 or upgrade to 12.5.1SU5, 12.5.1SU6, 12.5.1SU7, or 12.5.1SU8b
14
14SU3
Apply patch file ciscocm.ADD\_SIGNED\_FILTER.k4.cop.sha512 or upgrade to 14SU3a
Cisco Unified CM and Unified CM SME Release
Vulnerable Releases
First Fixed Release
Earlier than 12.5(1)
Not vulnerable
Not vulnerable
12.5(1)
12.5.1SU8
Apply patch file ciscocm.ADD\_SIGNED\_FILTER.k4.cop.sha512 or upgrade to 12.5.1SU8a
14
Not vulnerable
Not vulnerable
Cisco Unity Connection Release
Vulnerable Releases
First Fixed Release
Earlier than 12.5(1)
Not vulnerable
Not vulnerable
12.5(1)
12.5.1SU6
12.5.1SU7
12.5.1SU8
Apply patch file ciscocm.ADD\_SIGNED\_FILTER.k4.cop.sha512 or upgrade to 12.5.1SU8a
14
14SU2
14SU3
Apply patch file ciscocm.ADD\_SIGNED\_FILTER.k4.cop.sha512 or upgrade to 14SU3a
The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.