Exploit released for Cisco SSM bug allowing admin password changes

August 8, 2024 at 03:02PM

Exploit code for a critical vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) is now available, allowing attackers to change any user password. The company warns of the availability of proof-of-concept exploit code but has not found evidence of attacks in the wild. Administrators must upgrade affected systems to secure them.

Key points:

– Exploit code is now available for a maximum-severity vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers; it allows attackers to change any user's password on unpatched servers.
– The proof-of-concept exploit targets the vulnerability tracked as CVE-2024-20419.
– The flaw is an unverified password change weakness in SSM On-Prem's authentication system: an unauthenticated, remote attacker can set a new password for any account without knowing the existing credentials.
– Cisco has released security updates that address the flaw; administrators must upgrade to a fixed release to secure vulnerable SSM On-Prem servers.
– Separately, CISA has warned administrators to disable the legacy Cisco Smart Install feature because of recent attacks that exploit it to steal sensitive data.

