Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Cisco Meraki Systems Manager Agent by Cisco

    CVE-2024-20430 (GCVE-0-2024-20430)

    Vulnerability from nvd – Published: 2024-09-12 19:37 – Updated: 2024-09-12 19:55
    VLAI
    Title
    Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability
    Summary
    A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.  This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges. 
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Meraki Systems Manager Agent Affected: 4.1.5
    Affected: 4.1.4
    Affected: 4.1.1
    Affected: 4.0
    Affected: 3.8.2
    Affected: 3.7.2
    Affected: 3.7.1
    Affected: 3.7.0
    Affected: 3.6.0
    Affected: 3.5.2
    Affected: 3.1.4
    Affected: 3.1.3
    Affected: 3.1.2
    Affected: 3.1.1
    Affected: 3.0.3
    Affected: 3.0.2
    Affected: 3.0.1
    Affected: 3.0.0
    Affected: 2.0.0
    Affected: 1.0.99
    Affected: 1.0.98
    Create a notification for this product.
    cisco meraki_systems_manager_agent Affected: 0 , < 4.2.0 (custom)
        cpe:2.3:a:cisco:meraki_systems_manager_agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:meraki_systems_manager_agent:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "meraki_systems_manager_agent",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThan": "4.2.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20430",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-12T19:48:32.802767Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T19:55:15.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Meraki Systems Manager Agent",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.5"
                },
                {
                  "status": "affected",
                  "version": "4.1.4"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0"
                },
                {
                  "status": "affected",
                  "version": "3.8.2"
                },
                {
                  "status": "affected",
                  "version": "3.7.2"
                },
                {
                  "status": "affected",
                  "version": "3.7.1"
                },
                {
                  "status": "affected",
                  "version": "3.7.0"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                },
                {
                  "status": "affected",
                  "version": "3.5.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.4"
                },
                {
                  "status": "affected",
                  "version": "3.1.3"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.0.99"
                },
                {
                  "status": "affected",
                  "version": "1.0.98"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.\u0026nbsp;\r\n\r\nThis vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.\u0026nbsp;"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "As of the publication of this advisory, the Cisco Meraki Product Security Incident Response Team (PSIRT) was not aware of any public announcement or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-12T19:37:52.614Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe"
            }
          ],
          "source": {
            "advisory": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
            "discovery": "INTERNAL"
          },
          "title": "Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20430",
        "datePublished": "2024-09-12T19:37:52.614Z",
        "dateReserved": "2023-11-08T15:08:07.666Z",
        "dateUpdated": "2024-09-12T19:55:15.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20430 (GCVE-0-2024-20430)

    Vulnerability from cvelistv5 – Published: 2024-09-12 19:37 – Updated: 2024-09-12 19:55
    VLAI
    Title
    Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability
    Summary
    A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.&nbsp; This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.&nbsp;
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Meraki Systems Manager Agent Affected: 4.1.5
    Affected: 4.1.4
    Affected: 4.1.1
    Affected: 4.0
    Affected: 3.8.2
    Affected: 3.7.2
    Affected: 3.7.1
    Affected: 3.7.0
    Affected: 3.6.0
    Affected: 3.5.2
    Affected: 3.1.4
    Affected: 3.1.3
    Affected: 3.1.2
    Affected: 3.1.1
    Affected: 3.0.3
    Affected: 3.0.2
    Affected: 3.0.1
    Affected: 3.0.0
    Affected: 2.0.0
    Affected: 1.0.99
    Affected: 1.0.98
    Create a notification for this product.
    cisco meraki_systems_manager_agent Affected: 0 , < 4.2.0 (custom)
        cpe:2.3:a:cisco:meraki_systems_manager_agent:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:meraki_systems_manager_agent:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "meraki_systems_manager_agent",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThan": "4.2.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20430",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-12T19:48:32.802767Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T19:55:15.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Meraki Systems Manager Agent",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.5"
                },
                {
                  "status": "affected",
                  "version": "4.1.4"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0"
                },
                {
                  "status": "affected",
                  "version": "3.8.2"
                },
                {
                  "status": "affected",
                  "version": "3.7.2"
                },
                {
                  "status": "affected",
                  "version": "3.7.1"
                },
                {
                  "status": "affected",
                  "version": "3.7.0"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                },
                {
                  "status": "affected",
                  "version": "3.5.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.4"
                },
                {
                  "status": "affected",
                  "version": "3.1.3"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.0.99"
                },
                {
                  "status": "affected",
                  "version": "1.0.98"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.\u0026nbsp;\r\n\r\nThis vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges.\u0026nbsp;"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "As of the publication of this advisory, the Cisco Meraki Product Security Incident Response Team (PSIRT) was not aware of any public announcement or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-12T19:37:52.614Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe"
            }
          ],
          "source": {
            "advisory": "cisco-sa-meraki-agent-dll-hj-Ptn7PtKe",
            "discovery": "INTERNAL"
          },
          "title": "Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20430",
        "datePublished": "2024-09-12T19:37:52.614Z",
        "dateReserved": "2023-11-08T15:08:07.666Z",
        "dateUpdated": "2024-09-12T19:55:15.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }