April 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
APT37 Aka ScarCruft or RedEyes – Active IOCs
September 27, 2024North Korean APT Kimsuky aka Black Banshee – Active IOCs
September 27, 2024APT37 Aka ScarCruft or RedEyes – Active IOCs
September 27, 2024North Korean APT Kimsuky aka Black Banshee – Active IOCs
September 27, 2024
Severity
Medium
Analysis Summary
CVE-2024-20465 CVSS:6.8
Cisco IOS Software could allow a remote attacker to bypass security restrictions, caused by the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). By sending specially crafted traffic, an attacker could exploit this vulnerability to bypass an ACL.
CVE-2024-20510 CVSS:4.7
Cisco IOS XE Software could allow a remote attacker to bypass security restrictions, caused by a logic error when activating the pre-authentication ACL received from the authentication, authorization, and accounting (AAA) server. By sending specially crafted traffic, an attacker could exploit this vulnerability to bypass configured ACL protections.
CVE-2024-20433 CVSS:8.6
Cisco IOS and IOS XE Software is vulnerable to a denial of service, caused by a buffer overflow when processing RSVP packets. By sending specially crafted RSVP traffic, a remote attacker could exploit this vulnerability to cause device to reload, and results in a denial of service condition.
Impact
- Security Bypass
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-20465
- CVE-2024-20510
- CVE-2024-20433
Affected Vendors
Cisco
Affected Products
- Cisco IOS Software
- Cisco IOS XE Software
- 9400
- and 9500 Series Switches
- Cisco Catalyst 9800 Series Wireless Controllers
- Cisco Catalyst 9800-CL Wireless Controllers for Cloud
- Cisco Industrial Ethernet 4000 Series Switches
- Cisco Industrial Ethernet 4010 Series Switches
- Cisco Industrial Ethernet 5000 Series Switches
- Cisco Embedded Wireless Controllers on Catalyst Access Points
- Cisco IOS XE Software - 16.3.1 - 16.3.2 - 16.3.3 - 16.3.1a - 16.3.4 - 16.3.5 - 16.3.5b - 16.3.6 - 16.3.7 - 16.3.8 - 16.3.9 - 16.3.10 - 16.3.11 - 16.4.1 - 16.4.2 - 16.4.3 - 16.5.1 - 16.5.1a - 16.5.1b - 16.5.2 - 16.5.3 - 16.6.1 - 16.6.2 - 16.6.3 - 16.6.4
- Cisco IOS XE Software - 3.7.0S - 3.7.1S - 3.7.2S - 3.7.3S - 3.7.4S - 3.7.5S - 3.7.6S - 3.7.7S - 3.7.4aS - 3.7.2tS - 3.7.0bS - 3.7.1aS - 3.3.0SG - 3.3.2SG - 3.3.1SG - 3.8.0S - 3.8.1S - 3.8.2S - 3.9.1S - 3.9.0S - 3.9.2S - 3.9.1aS - 3.9.0aS - 3.4.0SG - 3.4
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
