CVE-2023-20063
Summary
A critical vulnerability (CVE-2023-20063) has been identified in Cisco Firepower Threat Defense (FTD) and Firepower Management (FMC) software. This flaw allows an authenticated, local attacker with administrative privileges on one device to execute arbitrary commands with root permissions on the other.
IFF Assessment
FOE
This vulnerability allows for privilege escalation and arbitrary code execution, posing a significant risk to network security.
Severity
8.2
High
Defender Context
This vulnerability requires local access and administrative privileges, making it a high-risk scenario for organizations using Cisco FTD/FMC. Defenders should prioritize patching affected systems and enforcing strict access controls to mitigate the risk of unauthorized command execution.