Critical Cisco Vulnerability Could Have Enabled Password Changes for Any User

Cisco has patched a critical vulnerability, rated 10/10 for severity, in its Smart Software Manager On-Prem.

Cisco has recently addressed a severe security flaw in its Smart Software Manager On-Prem (SSM On-Prem) by releasing a critical patch. This vulnerability, rated with a maximum severity score of 10/10, could have allowed attackers to change any user's password, including those of administrators. Such an exploit could have led to significant security breaches, including data theft and ransomware attacks.

The Nature of the Flaw

Identified as CVE-2024-20419, this flaw originates from an incorrect implementation of the password-change process in Cisco’s software. Cisco’s advisory indicates that attackers could exploit this vulnerability by sending specially crafted HTTP requests to the affected device. Successfully exploiting this flaw would grant them access to the web interface or API with the compromised user's privileges, allowing unauthorized modifications.

The Cisco Smart Software Manager On-Prem is crucial for organizations managing their Cisco software licenses and entitlements within their own networks. It centralizes Cisco Smart Licensing, aiding in the effective management of software assets.

Potential Risks

Although the exact potential for exploitation remains uncertain, Ars Technica suggested that this flaw could have enabled attackers to pivot to other Cisco devices on the same network. This could potentially lead to further attacks, including data theft, ransomware, and other malicious activities.

Fortunately, there are no reports indicating that this vulnerability has been exploited in the wild. Cisco has stressed the importance of applying the patch promptly due to the critical nature of the flaw.

Ongoing Security Concerns

Cisco, a leading name in networking technology, has been a frequent target for sophisticated cyberattacks. Earlier this year, advanced threat actors, possibly with nation-state affiliations, exploited vulnerabilities in Cisco’s VPNs and firewalls for espionage. This underscores the persistent security challenges faced by organizations using Cisco products.

About the author

mgtid
Owner of Technetbook | 10+ Years of Expertise in Technology | Seasoned Writer, Designer, and Programmer | Specialist in In-Depth Tech Reviews and Industry Insights | Passionate about Driving Innovation and Educating the Tech Community
