July 18, 2024 at 02:19AM
Cisco has released patches for a critical security flaw in Smart Software Manager On-Prem (Cisco SSM On-Prem) that allows a remote, unauthenticated attacker to change the password of any user, including administrative users. The flaw, tracked as CVE-2024-20419, carries a CVSS score of 10.0. Separately, CISA added three vulnerabilities to its Known Exploited Vulnerabilities catalog and requires federal agencies to apply mitigations by August 7, 2024.
Key takeaways:
1. Cisco has released patches to address a critical security flaw in Smart Software Manager On-Prem (Cisco SSM On-Prem) that could allow a remote, unauthenticated attacker to change the password of any user, including administrative users. Versions 8-202206 and earlier are affected. The vulnerability is tracked as CVE-2024-20419 and carries a CVSS score of 10.0. The issue is fixed in version 8-202212; version 9 is not affected.
2. CISA has added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including:
– CVE-2024-34102 (CVSS score: 9.8): an XML External Entity (XXE) flaw in Adobe Commerce and Magento Open Source that can lead to arbitrary code execution
– CVE-2024-28995 (CVSS score: 8.6): a directory traversal flaw in SolarWinds Serv-U that allows reading sensitive files on the host
– CVE-2022-22948 (CVSS score: 6.5): an information disclosure flaw in VMware vCenter Server caused by improper file permissions
These vulnerabilities are being actively exploited, and federal agencies are required to apply mitigations per vendor instructions by August 7, 2024, to secure their networks against these threats.
3. A proof-of-concept (PoC) exploit has been publicly released for CVE-2024-34102 (dubbed CosmicSting). Exploitation activity involving CVE-2024-28995 has been attributed to security researchers, while CVE-2022-22948 has been exploited by a China-nexus cyber espionage group.
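The two actions this digest calls for are checking whether a deployed SSM On-Prem build falls in the affected range for CVE-2024-20419 and checking which findings from a scan are on the KEV list with the August 7 deadline. The script below is an added example written for this page, not Cisco or CISA code. It assumes SSM On-Prem version strings of the form `<release>-<YYYYMM>` (for example `8-202206`, as in the advisory), treats builds between 8-202206 and 8-202212 as not covered by the advisory rather than guessing, and uses a constructed `KEV_SAMPLE` modeled on the field names of CISA's public KEV JSON feed (`cveID`, `vendorProject`, `product`, `dueDate`); only the CVE IDs, products and due date are taken from the text above. The `9-202407` string is an illustrative release-9 version, not a specific Cisco release.

```python
"""Patch triage for the advisories summarised above (added example, not vendor code)."""
import json
import re
from datetime import date
from enum import Enum

# --- 1. CVE-2024-20419: is this SSM On-Prem build affected? -----------------

VERSION_RE = re.compile(r"^(\d+)-(\d{6})$")   # "<release>-<YYYYMM>", e.g. 8-202206
AFFECTED_RELEASE = 8
LAST_AFFECTED_BUILD = 202206   # advisory: "8-202206 and earlier" are affected
FIXED_BUILD = 202212           # advisory: fixed in 8-202212


class Status(Enum):
    AFFECTED = "affected"
    FIXED = "fixed"
    NOT_AFFECTED = "not affected (release 9)"
    UNKNOWN = "not covered by the advisory, verify with Cisco"


def parse_version(version: str) -> tuple[int, int]:
    """Split '8-202206' into (8, 202206); reject anything that does not fit the form."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised SSM On-Prem version: {version!r}")
    return int(m.group(1)), int(m.group(2))


def cve_2024_20419_status(version: str) -> Status:
    release, build = parse_version(version)
    if release > AFFECTED_RELEASE:
        return Status.NOT_AFFECTED          # release 9 is not affected
    if release < AFFECTED_RELEASE or build <= LAST_AFFECTED_BUILD:
        return Status.AFFECTED              # "and earlier", read literally
    if build >= FIXED_BUILD:
        return Status.FIXED
    return Status.UNKNOWN                   # a build between 202206 and 202212


# --- 2. KEV deadline triage --------------------------------------------------

# Constructed sample, modeled on the KEV feed's field names; not the real feed.
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2024-34102", "vendorProject": "Adobe",
     "product": "Commerce and Magento Open Source", "dueDate": "2024-08-07"},
    {"cveID": "CVE-2024-28995", "vendorProject": "SolarWinds",
     "product": "Serv-U", "dueDate": "2024-08-07"},
    {"cveID": "CVE-2022-22948", "vendorProject": "VMware",
     "product": "vCenter Server", "dueDate": "2024-08-07"},
]})


def load_kev(raw: str) -> dict[str, dict]:
    """Index KEV entries by CVE ID, with dueDate parsed into a date object."""
    entries = {}
    for item in json.loads(raw)["vulnerabilities"]:
        entry = dict(item)
        entry["dueDate"] = date.fromisoformat(item["dueDate"])
        entries[item["cveID"]] = entry
    return entries


def triage(kev: dict[str, dict], found_cves: set[str], today_iso: str):
    """Match scanner findings against KEV.

    Returns (hits, not_in_kev): hits is a list of (cveID, days_until_due),
    most urgent first (negative means overdue); not_in_kev lists findings that
    still need patching on the vendor's schedule but carry no KEV deadline.
    """
    today = date.fromisoformat(today_iso)
    hits = [(cve, (kev[cve]["dueDate"] - today).days)
            for cve in found_cves if cve in kev]
    hits.sort(key=lambda h: (h[1], h[0]))
    not_in_kev = sorted(cve for cve in found_cves if cve not in kev)
    return hits, not_in_kev


if __name__ == "__main__":
    for v in ("8-202206", "8-202212", "9-202407", "8-202208"):
        print(v, "->", cve_2024_20419_status(v).value)
    kev = load_kev(KEV_SAMPLE)
    # Constructed scan result: the Cisco CVE is not in KEV, so it lands in not_in_kev.
    hits, missing = triage(kev, {"CVE-2024-20419", "CVE-2024-34102", "CVE-2022-22948"},
                           "2024-07-18")
    for cve, days in hits:
        print(f"{cve}: {days} days until KEV due date")
    print("not in KEV:", missing)
```

Run with the page date (2024-07-18) the KEV matches report 20 days to the deadline; running it after August 7 yields negative values, which is the overdue case a tracking dashboard should flag.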