
Multiple Cisco Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-20506 CVSS:6.1

Cisco ClamAV is vulnerable to a denial of service, caused by a flaw in the ClamD service module. By using a specially crafted symbolic link to replace the ClamD log file, a local authenticated attacker could exploit this vulnerability to corrupt critical system files.
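A defender-side check for the log-file symlink condition described above, as an added example that is not Cisco's or ClamAV's code. It assumes the log path is set by the `LogFile` directive in clamd.conf; the sample config, function names and findings wording are constructed for illustration, and the final function shows the general `O_NOFOLLOW` hardening pattern rather than the vendor's actual fix.

```python
import os
import stat

# Constructed sample config; LogFile is the clamd.conf directive naming the log path.
SAMPLE_CONF = """\
# clamd.conf (constructed sample)
LogFile /var/log/clamav/clamd.log
LogTime yes
"""

def log_path_from_conf(conf_text):
    """Return the LogFile value from clamd.conf text, or None if unset."""
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] == "LogFile":
            return parts[1].strip()
    return None

def audit_log_path(path):
    """Return findings for a log path that a privileged daemon writes to."""
    findings = []
    try:
        st = os.lstat(path)  # lstat inspects the link itself, not its target
        if stat.S_ISLNK(st.st_mode):
            findings.append("symlink: %s -> %s" % (path, os.readlink(path)))
        elif not stat.S_ISREG(st.st_mode):
            findings.append("not a regular file: %s" % path)
    except FileNotFoundError:
        findings.append("missing: %s" % path)
    parent = os.path.dirname(os.path.abspath(path))
    if os.path.isdir(parent):
        pst = os.stat(parent)
        # A group/world-writable directory without the sticky bit lets other
        # local users replace entries in it.
        writable = pst.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
        if writable and not pst.st_mode & stat.S_ISVTX:
            findings.append("parent directory writable by non-owner: %s" % parent)
    return findings

def open_log_nofollow(path):
    """Open for append, refusing to follow a symlink at the final component."""
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    return os.open(path, flags, 0o640)
```

An empty list from `audit_log_path` means the path is a regular file in a directory that other local users cannot rewrite; `open_log_nofollow` raises `OSError` if the final path component is a symlink.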

CVE-2024-20505 CVSS:4

Cisco ClamAV is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the PDF parsing module. By submitting a specially crafted PDF file, a local attacker could exploit this vulnerability to terminate the scanning process.

CVE-2024-20469 CVSS:6

Cisco Identity Services Engine could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By submitting a specially crafted CLI command, an authenticated attacker could exploit this vulnerability to escalate privileges to root.

CVE-2024-20503 CVSS:5.5

Cisco Duo Epic for Hyperdrive could allow a local authenticated attacker to obtain sensitive information, caused by improper storage of an unencrypted registry key. By viewing or querying the registry key, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-20497 CVSS:4.3

Cisco Expressway Edge could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID.

Impact

  • Denial of Service
  • Information Disclosure
  • Security Bypass
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-20506
  • CVE-2024-20505
  • CVE-2024-20469
  • CVE-2024-20503
  • CVE-2024-20497

Affected Vendors

Cisco

Affected Products

  • Cisco Identity Services Engine
  • Cisco ClamAV 1.4.0
  • Cisco Duo Epic for Hyperdrive
  • Cisco Expressway Edge

Remediation

Refer to the Cisco Security Advisory for each CVE for patch, upgrade, or suggested workaround information.

  • CVE-2024-20506
  • CVE-2024-20505
  • CVE-2024-20469
  • CVE-2024-20503
  • CVE-2024-20497