Lucene search

CiscoCVE-2024-20430

HistorySep 12, 2024 - 8:15 p.m.

CVE-2024-20430

2024-09-1220:15:04

CWE-427

cisco

web.nvd.nist.gov

cisco meraki sm

vulnerability

windows

privileged attacker

arbitrary code

elevated privileges

directory search paths

malicious configuration files

malicious dll files

system privileges

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.

This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.

Affected configurations

Nvd

Node

ciscomeraki_systems_managerRange1.0.98–4.2.0windows

VendorProductVersionCPE
ciscomeraki_systems_manager*cpe:2.3:a:cisco:meraki_systems_manager:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
cisco	meraki_systems_manager	*	cpe:2.3:a:cisco:meraki_systems_manager::::::windows::*

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Meraki Systems Manager Agent",
    "versions": [
      {
        "version": "4.1.5",
        "status": "affected"
      },
      {
        "version": "4.1.4",
        "status": "affected"
      },
      {
        "version": "4.1.1",
        "status": "affected"
      },
      {
        "version": "4.0",
        "status": "affected"
      },
      {
        "version": "3.8.2",
        "status": "affected"
      },
      {
        "version": "3.7.2",
        "status": "affected"
      },
      {
        "version": "3.7.1",
        "status": "affected"
      },
      {
        "version": "3.7.0",
        "status": "affected"
      },
      {
        "version": "3.6.0",
        "status": "affected"
      },
      {
        "version": "3.5.2",
        "status": "affected"
      },
      {
        "version": "3.1.4",
        "status": "affected"
      },
      {
        "version": "3.1.3",
        "status": "affected"
      },
      {
        "version": "3.1.2",
        "status": "affected"
      },
      {
        "version": "3.1.1",
        "status": "affected"
      },
      {
        "version": "3.0.3",
        "status": "affected"
      },
      {
        "version": "3.0.2",
        "status": "affected"
      },
      {
        "version": "3.0.1",
        "status": "affected"
      },
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "2.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.99",
        "status": "affected"
      },
      {
        "version": "1.0.98",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

Related for CVE-2024-20430