CVE-2023-20101: Critical Authentication Bypass Vulnerability in Cisco Emergency Responder


On October 4, 2023, Cisco published a security advisory disclosing a critical authentication bypass vulnerability (CVE-2023-20101, CVSS: 9.8) in Cisco Emergency Responder. CVE-2023-20101 allows an unauthenticated, remote threat actor to log in to an affected device using the root account, which by default has hard-coded credentials that cannot be altered.

 

Product  Vulnerability  Affected Release
Cisco Emergency Responder  CVE-2023-20101  12.5(1)SU4

Note: Versions 11.5(1) and earlier, as well as version 14, are not affected. 

 

This vulnerability was discovered by Cisco during internal security testing. Arctic Wolf has not observed active exploitation of CVE-2023-20101 in the wild since its disclosure. Cisco products have become prime targets for threat actors because of the extensive access an attacker can potentially gain within a compromised network. Arctic Wolf recently observed ransomware threat actors targeting Cisco products; numerous other Cisco vulnerabilities have been exploited by threat actors and added to CISA’s Known Exploited Vulnerabilities catalog.

Recommendation for CVE-2023-20101

Upgrade Cisco Emergency Responder to Fixed Release  

Arctic Wolf strongly recommends upgrading Cisco Emergency Responder to the latest fixed release.  

Product  Affected Release  Fixed Release 
Cisco Emergency Responder  12.5(1)SU4  12.5(1)SU5, ciscocm.CSCwh34565_PRIVILEGED_ACCESS_DISABLE.k4.cop.sha512

 

Please follow your organization’s patching and testing guidelines to avoid operational impact.  

References  

  1. Cisco Security Advisory (CVE-2023-20101)
  2. Arctic Wolf Blog (Cisco Exploitation)

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.