Fixes have been issued by Cisco for critical and high-severity vulnerabilities impacting its Expressway Series and TelePresence Video Communication Server enterprise collaboration and video communication offerings, according to SecurityWeek. Threat actors could have exploited the critical CVE-2023-20105 flaw stemming from improper handling of password change requests to facilitate privilege escalation for admins with “read-only”
Source: SC Magazine