Security News > 2023 > October > Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
2023-10-05 12:02

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during


News URL

https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-10-04 CVE-2023-20101 Use of Hard-coded Credentials vulnerability in Cisco Emergency Responder 12.5(1)Su4
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development.
network
low complexity
cisco CWE-798
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4416 230 3111 1857 603 5801