CVE-2023-20273CISA KEVEPSS p99.8%

CVE-2023-20273Cisco IOS XE Web UI Command Injection Vulnerability

Cisco / Cisco IOS XE Web UI

Description

Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.

Scoring

EPSS89.63% probability of exploitation · percentile 99.8% · 2026-06-16T12:03:06Z

CISA KEV entry

Added to KEV: 2023-10-23

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco IOS XE Web UI Command Injection Vulnerabilitykev-cve-2023-202730%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco IOS XE Web UI Privilege Escalation Vulnerability
CVE
CVE-2025-20334
CVE
Cisco NX-OS Command Injection Vulnerability
CVE
Cisco Identity Services Engine Injection Vulnerability
CVE
CVE-2026-20094
CVE
Cisco Small Business RV Series Routers Command Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.