Lucene search

CiscoCVELIST:CVE-2024-20430

HistorySep 12, 2024 - 7:37 p.m.

CVE-2024-20430 Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability

2024-09-1219:37:52

cisco

www.cve.org

cisco

meraki

windows

privilege escalation

vulnerability

arbitrary code

elevated privileges

dll files

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.

This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Meraki Systems Manager Agent",
    "versions": [
      {
        "version": "4.1.5",
        "status": "affected"
      },
      {
        "version": "4.1.4",
        "status": "affected"
      },
      {
        "version": "4.1.1",
        "status": "affected"
      },
      {
        "version": "4.0",
        "status": "affected"
      },
      {
        "version": "3.8.2",
        "status": "affected"
      },
      {
        "version": "3.7.2",
        "status": "affected"
      },
      {
        "version": "3.7.1",
        "status": "affected"
      },
      {
        "version": "3.7.0",
        "status": "affected"
      },
      {
        "version": "3.6.0",
        "status": "affected"
      },
      {
        "version": "3.5.2",
        "status": "affected"
      },
      {
        "version": "3.1.4",
        "status": "affected"
      },
      {
        "version": "3.1.3",
        "status": "affected"
      },
      {
        "version": "3.1.2",
        "status": "affected"
      },
      {
        "version": "3.1.1",
        "status": "affected"
      },
      {
        "version": "3.0.3",
        "status": "affected"
      },
      {
        "version": "3.0.2",
        "status": "affected"
      },
      {
        "version": "3.0.1",
        "status": "affected"
      },
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "2.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.99",
        "status": "affected"
      },
      {
        "version": "1.0.98",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

Related for CVELIST:CVE-2024-20430