CVE-2023-20162 — Vulnetix

CVE-2023-20162 PUBLISHED

22. Mai 2023 In einigen Cisco-Switches existieren mehrere, teils kritische Sicherheitslücken. CVE-Nummer(n): CVE-2023-20024, CVE-2023-20156, CVE-2023-20157, CVE-2023-20158, CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20162, CVE-2023-20189 CVSS Base Score: bis 9.8

EPSS 1.75% · 82.9th percentile

Risk Scores

EPSS Score

1.75%

82.9th percentile

Affected Products

Vendor	Product	Versions
Small	Small Business 300 Series Managed Switches (EOL)
Business	Business 250 Series Smart Switches
350	350 Series Managed Switches
Small	Small Business 200 Series Smart Switches (EOL)
550X	550X Series Stackable Managed Switches
Small	Small Business 500 Series Stackable Managed Switches (EOL)
250	250 Series Smart Switches
Business	Business 350 Series Managed Switches
350X	350X Series Stackable Managed Switches

Exploit Intelligence

CIRCL seen: CVE-2023-20162 (circl-sighting)
20230517 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities (circl)

Timeline

May 18, 2023 CVE Published
May 18, 2023 EPSS Score
May 22, 2023 PoC Published
Jun 23, 2023 EPSS Score
Jul 30, 2023 EPSS Score
Oct 11, 2023 EPSS Score
Nov 16, 2023 EPSS Score
Dec 23, 2023 EPSS Score
Jan 28, 2024 EPSS Score
Mar 5, 2024 EPSS Score
Apr 10, 2024 EPSS Score
Jun 22, 2024 EPSS Score

References

https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-cisco-switches-exploit-code-offentlich-updates-teilweise-verfugbar advisory

Open in Interactive Console →