CVE-2023-20044EPSS p3.9%

CVE-2023-20044CVE-2023-20044

cisco / cx_cloud_agent

Description

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device.

Scoring

CVSS 6.7 ()
VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS0.14% probability of exploitation · percentile 3.9% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.