CVE-2023-20114

Summary

CVE-2023-20114 is a vulnerability affecting the file download feature of Cisco Firepower Management Center (FMC) Software. An authenticated, remote attacker can exploit this issue by crafting a malicious HTTPS request, taking advantage of insufficient input sanitation. Successful exploitation enables the attacker to download arbitrary files from the affected system. This vulnerability poses a significant risk, as it allows unauthorized access to potentially sensitive files. Cisco has released patches to address this issue. It is strongly recommended that users update their FMC Software to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.