Severity
High
Analysis Summary
CVE-2024-20483 CVSS:7.2
Cisco Routed Passive Optical Network (PON) Controller Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of arguments that are passed to specific configuration commands. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary commands as root on the PON controller.
CVE-2024-20304 CVSS:8.6
Cisco IOS XR Software is vulnerable to a denial of service, caused by improper handling of packet memory in the Mtrace2 code. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-20483
- CVE-2024-20304
Affected Vendors
Affected Products
- Cisco NCS 540-24Q8L2DD-SYS Router
- Cisco NCS 540-24Z8Q2C-SYS Router
- Cisco NCS 540-28Z4C-SYS-A Router
- Cisco NCS 540-28Z4C-SYS-D Router
- Cisco IOS XR Software - 7.11.2
- Cisco IOS XR Software - 7.7.1
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.