

FIN7 APT Sells Tool for Security Bypass on Dark Web Forums – Active IOCs
July 18, 2024
A New Raspberry Robin Malware – Active IOCs
July 18, 2024
FIN7 APT Sells Tool for Security Bypass on Dark Web Forums – Active IOCs
July 18, 2024
A New Raspberry Robin Malware – Active IOCs
July 18, 2024Severity
High
Analysis Summary
CVE-2024-20401 CVSS:9.8
Cisco Secure Email Gateway could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of email attachments when file analysis and content filters are enabled. By sending an email that contains a crafted attachment, an attacker could exploit this vulnerability to add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.
CVE-2024-20419 CVSS:10
Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow a remote attacker to gain elevated privileges on the system, caused by improper implementation of the password-change process. By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to access the web UI or API and change the password of any user, including administrative users.
Impact
- Gain Access
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-20401
- CVE-2024-20419
Affected Vendors
Affected Products
- Cisco Secure Email Gateway
- Cisco Smart Software Manager On-Prem 8-202206
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.