Cisco has promptly released updates for a critical security vulnerability that it detected during internal security testing. The vulnerability poses a significant threat because it could grant unauthorized access, with root account privileges, to vulnerable Cisco Emergency Responder systems.
Cisco Emergency Responder is a product that ensures Cisco Unified Communications Manager accurately routes emergency calls to the appropriate Public Safety Answering Point (PSAP) based on the caller’s location.
What is the vulnerability in Cisco Emergency Responder? (CVE-2023-20101)
The critical vulnerability, CVE-2023-20101, has been assigned a CVSS score of 9.8 and enables unauthenticated remote attackers to access vulnerable systems using hardcoded credentials.
This vulnerability arises from static user credentials for the root account, which are primarily reserved for development purposes. To exploit CVE-2023-20101, an attacker must use these credentials to log in to a susceptible Cisco Emergency Responder instance. Once inside, the attacker can potentially execute arbitrary commands with root user privileges.
Cisco has not observed any instances of this vulnerability being exploited in the wild.
Which Cisco Emergency Responder versions are affected by the vulnerability?
The vulnerability affects Emergency Responder release 12.5(1)SU4, while other releases remain unaffected.
Cisco has promptly resolved the vulnerability in version 12.5(1)SU5. Because the vendor has not provided any workarounds, it is crucial that customers promptly update Cisco Emergency Responder to the latest version to mitigate the threat posed by this critical vulnerability.
For detailed information regarding Cisco’s updates and further guidance, visit the advisory related to this vulnerability.
Strengthen Your Cybersecurity with SOCRadar’s Vulnerability Intelligence
SOCRadar provides comprehensive insights into security vulnerabilities, coupled with their associated activities and lifecycle data. Our Vulnerability Intelligence module is designed to continuously monitor all security vulnerabilities, ensuring you are well-informed about emerging trends among hackers.
Also, with SOCRadar’s Attack Surface Management (ASM), you can prioritize and address vulnerabilities and updates strategically to enhance your overall security posture. Our ASM module plays a pivotal role in monitoring vulnerabilities that may affect your digital assets. It offers timely alerts for any identified issues, serving as a dependable partner for managing your digital footprint.