Cisco Addresses Critical Security Flaw in Emergency Responder
October 4, 2023
Cisco has released a security patch for a serious vulnerability in its Cisco Emergency Responder (CER) software. This software aids organizations in responding effectively to emergencies by providing precise location tracking of IP phones, thus enabling emergency calls to be appropriately routed to the relevant Public Safety Answering Point (PSAP). The vulnerability, identified as CVE-2023-20101, could have allowed unauthenticated attackers to gain access to a targeted device using a root account with default, static credentials that could not be changed or removed.
Cisco elaborated in a recent advisory, 'This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.' The vulnerability is critical and only impacts Cisco Emergency Responder version 12.5(1)SU4.
The vulnerability was discovered during internal security testing. Cisco's Product Security Incident Response Team (PSIRT) has not found any evidence of public disclosures or malicious exploitation related to the CVE-2023-20101 vulnerability. There are no temporary workarounds to mitigate this security flaw, so administrators are advised to update vulnerable installations as soon as possible.
The previous week, Cisco urged customers to patch a zero-day vulnerability (CVE-2023-20109) affecting devices running IOS and IOS XE software, which attackers were exploiting. Earlier this month, the company issued a warning about another zero-day (CVE-2023-20269) in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), which was being actively exploited by ransomware gangs to infiltrate corporate networks.
Law enforcement and cybersecurity agencies in the US and Japan also issued warnings about Chinese BlackTech hackers using backdoors in network devices to gain initial access to enterprise networks.