CVE-2024-20430
Vulnerability from cvelistv5
Published
2024-09-12 19:37
Modified
2024-09-12 19:55
Summary
Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:meraki_systems_manager_agent:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_systems_manager_agent",
            "vendor": "cisco",
            "versions": [
              {
                "lessThan": "4.2.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20430",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-12T19:48:32.802767Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T19:55:15.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Meraki Systems Manager Agent",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.5"
            },
            {
              "status": "affected",
              "version": "4.1.4"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            },
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "status": "affected",
              "version": "3.8.2"
            },
            {
              "status": "affected",
              "version": "3.7.2"
            },
            {
              "status": "affected",
              "version": "3.7.1"
            },
            {
              "status": "affected",
              "version": "3.7.0"
            },
            {
              "status": "affected",
              "version": "3.6.0"
            },
            {
              "status": "affected",
              "version": "3.5.2"
            },
            {
              "status": "affected",
              "version": "3.1.4"
            },
            {
              "status": "affected",
              "version": "3.1.3"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "1.0.99"
            },
            {
              "status": "affected",
              "version": "1.0.98"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.\u0026nbsp;\r\n\r\nThis vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.\u0026nbsp;"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "As of the publication of this advisory, the Cisco Meraki Product Security Incident Response Team (PSIRT) was not aware of any public announcement or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "Uncontrolled Search Path Element",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-12T19:37:52.614Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20430",
    "datePublished": "2024-09-12T19:37:52.614Z",
    "dateReserved": "2023-11-08T15:08:07.666Z",
    "dateUpdated": "2024-09-12T19:55:15.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-20430\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-09-12T20:15:04.407\",\"lastModified\":\"2024-09-18T18:56:05.510\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.\u0026nbsp;\\r\\n\\r\\nThis vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.\u0026nbsp;\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en Cisco Meraki Systems Manager (SM) Agent para Windows podr\u00eda permitir que un atacante local autenticado ejecute c\u00f3digo arbitrario con privilegios elevados. Esta vulnerabilidad se debe a un manejo incorrecto de las rutas de b\u00fasqueda de directorios en tiempo de ejecuci\u00f3n. Un atacante con pocos privilegios podr\u00eda aprovechar esta vulnerabilidad colocando archivos de configuraci\u00f3n y archivos DLL maliciosos en un sistema afectado, que leer\u00eda y ejecutar\u00eda los archivos cuando Cisco Meraki SM se inicie. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario en el sistema afectado con privilegios de SYSTEM.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:meraki_systems_manager:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"1.0.98\",\"versionEndExcluding\":\"4.2.0\",\"matchCriteriaId\":\"BDCEB39F-E02D-4A04-BA4A-5E43E532CF64\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.