Cisco has recently released patches for a maximum-severity security flaw. As per recent reports, the Cisco security patches address a flaw in the Smart Software Manager On-Prem (Cisco SSM On-Prem). In this article, we’ll dive into the details of the vulnerability and learn what could happen if the flaw were to be exploited by threat actors. Let’s begin!
The vulnerability for which the Cisco security patches have been released is tracked as CVE-2024-20419. Muhammed Adel, a security researcher, has been credited with identifying and reporting the bug. It’s worth noting that this flaw has a Common Vulnerability Scoring System (CVSS) score of 10, the maximum.
The vulnerability is so severe that, if exploited, it could allow a remote unauthenticated attacker to change user passwords, including those of administrative users. Providing further insight into the vulnerability, Cisco has stated that:
“This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.”
Along with informing users of the Cisco vulnerability patches, the network equipment maker has also shared details pertaining to which products are immune and which are vulnerable. According to the details, the vulnerability could have affected products named:
It’s worth mentioning here that both of these are the same product: versions prior to Release 7.0 were called Cisco SSM Satellite, whereas versions after Release 7.0 are called Cisco SSM On-Prem.
The company has also mentioned that the Cisco Smart Licensing Utility is not affected by this vulnerability and that it is not aware of incidents where this particular flaw has been exploited by threat actors.
Apart from this vulnerability, Cisco also fixed another critical flaw in its Secure Email Gateway, tracked as CVE-2024-20401 with a CVSS score of 9.8. This flaw, if exploited, would allow threat actors to add new users with root privileges. It would also allow them to crash appliances by sending emails containing malicious attachments.
As far as CVE-2024-20419 is concerned, Cisco security patches have been released. Customers who have service contracts that include software updates should receive the Cisco security patches via their usual update channels.
The company has also urged customers to contact the Cisco Technical Assistance Center (TAC) for support if any information regarding the upgrade is not clear. The TAC should also be contacted if customers without a service contract are unable to get the fixed software.
Cisco’s timely release of security patches for critical vulnerabilities CVE-2024-20419 and CVE-2024-20401 underscores the importance of staying vigilant against potential cyber threats. Ensuring your systems are up-to-date with the latest patches and using robust cybersecurity protocols is crucial to maintaining security and protecting against unauthorized access and exploitation.
The sources for this piece include articles in The Hacker News and Digital Vocano.
The post Cisco Security Patches: Max Severity Security Flaw Fixed appeared first on TuxCare.
*** This is a Security Bloggers Network syndicated blog from TuxCare authored by Wajahat Raja. Read the original post at: https://tuxcare.com/blog/cisco-security-patches-max-severity-security-flaw-fixed/