Skip to main content

Cisco Releases Security Advisories for Multiple Products

Cisco SSM On-Prem and Cisco Secure Email Gateway are affected by critical vulnerabilities

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Cisco SSM On-Prem and Cisco Secure Email Gateway are affected by critical vulnerabilities


Affected platforms

The following platforms are known to be affected:

The following platforms are also known to be affected:

Multiple other products are affected. Please see advisories below.

 

Threat details

Public proof-of-concept exploit available for CVE-2024-20419

The NHS England National CSOC assesses that imminent exploitation of CVE-2024-20419 is highly likely and strongly encourages organisations to follow the remediation guidance in Cisco Security Advisory cisco-sa-cssm-auth-sLw3uhUy.

CVE-2024-20419 affects Cisco Smart Software Manager On-Prem (SSM On-Prem) and Smart Software Manager Satellite (SSM Satellite). CVE-2024-20419 is extremely trivial to exploit, and a public exploit is available.


Introduction

Cisco has released advisories covering multiple products including two critical vulnerabilities, three high, and four medium severity. The two critical vulnerabilities are known as CVE-2024-20419 and CVE-2024-20401.

  • CVE-2024-20419 affects Cisco Smart software Manager (SSM) On-Prem and has a CVSSv3 score of 10 and could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. A public exploit is available.
  • CVE-2024-20401 affects Cisco Secure Email Gateway and has a CVSSv3 score of 9.8 and could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system (OS). This could allow an attacker to then add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial-of-service (DoS). 

Additionally, two previous advisories regarding the regreSSHion (OpenSSH server RCE) vulnerability and the Blast-RADIUS (RADIUS protocol spoofing) vulnerability were updated.


Threat updates

Date Update
25 Sep 2024 A public exploit for CVE-2024-20419 is available.
22 Jul 2024 Exploitation of CVE-2024-20419 highly likely

Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories for more information.


Remediation steps

Type Step
Patch

Cisco Smart Software Manager On-Prem Password Change Vulnerability | cisco-sa-cssm-auth-sLw3uhUy

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy


Patch

Cisco Secure Email Gateway Arbitrary File Write Vulnerability | cisco-sa-esa-afw-bGG2UsjH

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH

 


Patch

RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024 | cisco-sa-radius-spoofing-july-2024-87cCDwZ3

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-radius-spoofing-july-2024-87cCDwZ3


Patch

Cisco Secure Web Appliance Privilege Escalation Vulnerability | cisco-sa-swa-priv-esc-7uHpZsCC

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-priv-esc-7uHpZsCC


Patch

Cisco Identity Services Engine Arbitrary File Upload Vulnerability | cisco-sa-ise-file-upload-krW2TxA9

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-krW2TxA9


Patch

Cisco Intelligent Node Software Static Key Vulnerability | cisco-sa-inode-static-key-VUVCeynn

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-inode-static-key-VUVCeynn


Patch

Cisco Webex App Vulnerabilities | cisco-sa-webex-app-ZjNm8X8j

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j


Patch

Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution Vulnerability | cisco-sa-sb-rv34x-rce-7pqFU2e

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv34x-rce-7pqFU2e


Patch

Cisco Expressway Series Open Redirect Vulnerability | cisco-sa-expressway-redirect-KJsFuXgj

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-redirect-KJsFuXgj


Patch

Cisco Secure Email Gateway Server-Side Template Injection Vulnerability | cisco-sa-esa-priv-esc-ssti-xNO2EOGZ

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-priv-esc-ssti-xNO2EOGZ


Patch

Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024 | cisco-sa-openssh-rce-2024

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024




CVE Vulnerabilities

Last edited: 25 September 2024 1:52 pm