Cisco has released patches for a critical command injection flaw in the IOx application hosting environment, which could allow malicious code to persist across reboots. The security flaw, identified as CVE-2023-20076, arises from incomplete sanitization of the parameters passed for application activation.
“An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a carefully crafted activation payload file.” The tech giant explains in an advisory that a successful exploit “could enable the attacker to execute arbitrary commands as root on the underlying host operating system.”
According to Trellix, the cybersecurity company that found the vulnerability, the issue lies in the DHCP Client ID option in the Interface Settings: its value is not properly sanitized, which leads to command injection.
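The difference between incomplete sanitization and strict validation of a field such as the DHCP Client ID can be shown in a short added example; this is not Cisco's or Trellix's code. The payload layout, the `dhcp_client_id` field name, the `dhcp-client` program name and the allowlist are all assumptions made for illustration.

```python
import re
import shlex

# Constructed sample payloads; the field names are assumptions, not Cisco's schema.
SAMPLE_PAYLOADS = [
    {"interface": "eth0", "dhcp_client_id": "sensor-01"},
    {"interface": "eth0", "dhcp_client_id": "01:aa:bb:cc:dd:ee:ff"},
    {"interface": "eth0", "dhcp_client_id": "sensor$(echo x)"},
    {"interface": "eth0", "dhcp_client_id": "sensor\necho x"},
]

def blocklist_sanitize(value):
    """Incomplete sanitization: strips a few metacharacters and misses others."""
    return re.sub(r"[;|&]", "", value)

def survives_blocklist(value):
    """True if shell-significant characters remain after the blocklist filter."""
    cleaned = blocklist_sanitize(value)
    return shlex.quote(cleaned) != cleaned

# Allowlist of characters a client identifier plausibly needs (assumption).
CLIENT_ID_RE = re.compile(r"[A-Za-z0-9._:-]{1,64}")

def validate_client_id(value):
    """Return the value if every character is allowlisted, otherwise raise."""
    if not isinstance(value, str) or not CLIENT_ID_RE.fullmatch(value):
        raise ValueError("rejected dhcp_client_id: %r" % (value,))
    return value

def build_argv(payload):
    """Build an argument vector (never a shell string) for a hypothetical client."""
    return ["dhcp-client", "--interface", payload["interface"],
            "--client-id", validate_client_id(payload["dhcp_client_id"])]

def audit(payloads):
    """Per payload: (client id, gap left by blocklist, accepted by allowlist)."""
    rows = []
    for p in payloads:
        cid = p["dhcp_client_id"]
        try:
            build_argv(p)
            accepted = True
        except ValueError:
            accepted = False
        rows.append((cid, survives_blocklist(cid), accepted))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE_PAYLOADS):
        print(row)
```

The two constructed values that pass through the blocklist filter untouched are exactly the ones the allowlist rejects; passing the validated value as a separate argument rather than inside a shell string removes the shell from the path entirely.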