CERT-In Vulnerability Note
CIVN-2024-0286
Multiple vulnerabilities in Cisco Products
Original Issue Date: September 09, 2024
Severity Rating: CRITICAL
Software Affected
- Cisco Meraki SM Agent for Windows
- Cisco Smart Licensing Utility
Overview
Multiple vulnerabilities have been reported in Cisco Products which could allow a remote attacker to execute arbitrary code, bypass security restriction and obtain sensitive information on the targeted system.
Description
1. Privilege Escalation Vulnerability (CVE-2024-20430)
This vulnerability exists in Cisco Meraki SM Agent for Windows due to incorrect handling of directory search paths at runtime. An attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system; the agent would read and execute these files when Cisco Meraki SM launches at start-up. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.
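The following is an added audit script, not part of the CERT-In note or of Cisco's advisory. It checks a Windows host for the conditions that DLL and configuration-file planting depends on: a service running as SYSTEM whose executable directory, or a directory on the machine PATH, is writable by low-privileged users, and binaries in that directory without a valid Authenticode signature. The service name pattern '*Meraki*' is an assumption and should be confirmed on the host.

```powershell
# Added example (not from CERT-In or Cisco). Audits a Windows service for
# DLL/config planting exposure: SYSTEM service, user-writable search-path
# directories, and unsigned or invalidly signed binaries.
param(
    [string]$ServicePattern = '*Meraki*'   # assumed name fragment; confirm on the host
)

# Identities that should never hold write access to a SYSTEM service's directory
$lowPrivWriters = @('BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users')
$writeRights = [System.Security.AccessControl.FileSystemRights]'Write, CreateFiles, WriteData'

function Test-WritableByLowPriv {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return $false }
    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $lowPrivWriters -contains $ace.IdentityReference.Value -and
            (($ace.FileSystemRights -band $writeRights) -ne 0)) {
            return $true
        }
    }
    return $false
}

# Directories on the machine PATH are part of the default DLL search order
foreach ($dir in ([Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' | Where-Object { $_ })) {
    if (Test-WritableByLowPriv $dir) { Write-Warning "PATH entry writable by low-privileged users: $dir" }
}

$services = Get-CimInstance Win32_Service |
    Where-Object { $_.Name -like $ServicePattern -or $_.DisplayName -like $ServicePattern }
foreach ($svc in $services) {
    # PathName may be quoted and carry arguments; extract the executable path
    $exe = if ($svc.PathName -match '^"([^"]+)"') { $Matches[1] } else { ($svc.PathName -split ' ')[0] }
    $dir = Split-Path -Parent $exe
    Write-Host "Service $($svc.Name) runs as $($svc.StartName) from $dir"
    if ($svc.StartName -eq 'LocalSystem' -and (Test-WritableByLowPriv $dir)) {
        Write-Warning "SYSTEM service directory writable by low-privileged users: planting risk in $dir"
    }
    # Binaries the service may load at start-up should carry a valid Authenticode signature
    Get-ChildItem -LiteralPath $dir -Recurse -Include *.dll, *.exe -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            if ($sig.Status -ne 'Valid') { Write-Warning "$($sig.Status): $($_.FullName)" }
        }
}
```

Run from an elevated PowerShell session so that ACLs and service definitions are fully readable; a warning indicates a condition to fix, not a confirmed compromise.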
2. Static Credential Vulnerability (CVE-2024-20439)
This vulnerability exists in Cisco Smart Licensing Utility due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. Successful exploitation of this vulnerability could allow the attacker to log in to the affected system with administrative privileges.
3. Information Disclosure Vulnerability (CVE-2024-20440)
This vulnerability exists in Cisco Smart Licensing Utility due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. Successful exploitation of this vulnerability could allow the attacker to obtain log files that contain sensitive data, including credentials that can be used to access the API on the affected system.
Solution
Apply appropriate updates as mentioned by the vendor.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe
Vendor Information
Cisco
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
References
Cisco
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
CVE Name
CVE-2024-20430
CVE-2024-20439
CVE-2024-20440
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road
New Delhi - 110 003
India