Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users.
The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0.
"This vulnerability is due to improper implementation of the password-change process," the company said in an advisory. "An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user."
The shortcoming affects Cisco SSM On-Prem versions 8-202206 and earlier. It has been fixed in version 8-202212. It's worth noting that version 9 is not susceptible to the flaw.
Cisco said there are no workarounds that resolve the issue, and that it's not aware of any malicious exploitation in the wild. Security researcher Mohammed Adel has been credited with discovering and reporting the bug.
CISA Adds 3 Flaws to KEV Catalog
The disclosure comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation -
- CVE-2024-34102 (CVSS score: 9.8) - Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability
- CVE-2024-28995 (CVSS score: 8.6) - SolarWinds Serv-U Path Traversal Vulnerability
- CVE-2022-22948 (CVSS score: 6.5) - VMware vCenter Server Incorrect Default File Permissions Vulnerability
CVE-2024-34102, which is also referred to as CosmicSting, is a severe security flaw arising from improper handling of nested deserialization, allowing attackers to achieve remote code execution. A proof-of-concept (PoC) exploit for the flaw was released by Assetnote late last month.
Reports about the exploitation of CVE-2024-28995, a directory transversal vulnerability that could enable access to sensitive files on the host machine, were detailed by GreyNoise, including attempts to read files such as /etc/passwd.
The abuse of CVE-2022-22948, on the other hand, has been attributed by Google-owned Mandiant to a China-nexus cyber espionage group known as UNC3886, which has a history of leveraging zero-day flaws in Fortinet, Ivanti, and VMware appliances.
Federal agencies are required to apply mitigations per vendor instructions by August 7, 2024, to secure their networks against active threats.
Grype: Open-source vulnerability scanner for container images, filesystems
SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
Free online web security scanner
