CVE-2023-20243

Summary

CVE-2023-20243 is a vulnerability affecting the RADIUS message processing feature of Cisco Identity Services Engine (ISE). An unauthenticated, remote attacker can exploit this issue by sending a maliciously crafted RADIUS accounting request to a network access device using Cisco ISE for authentication, authorization, and accounting. The vulnerability arises from the improper handling of certain RADIUS accounting requests, which can cause the RADIUS process to unexpectedly restart, leading to authentication or authorization timeouts and denial of access for legitimate users. Direct exploitation of the vulnerability is also possible if the RADIUS shared secret is known. While clients already authenticated to the network remain unaffected, a manual restart of the affected Policy Service Node may be necessary to resume RADIUS packet processing.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.