Cisco Issues Security Advisories: Critical Vulnerabilities Impact Multiple Products

CVE-2024-20398 & CVE-2024-20381

Cisco Systems has released a series of urgent security advisories, revealing a total of nine vulnerabilities affecting various products, including Cisco IOS XR Software, Crosswork Network Services Orchestrator (NSO), Optical Site Manager, and RV340 Dual WAN Gigabit VPN Routers. These vulnerabilities range in severity, with some allowing unauthenticated attackers to launch denial-of-service (DoS) attacks or even execute arbitrary code remotely.

Key Vulnerabilities and Their Impacts

  • CVE-2024-20304 (CVSS 8.6): A vulnerability in the multicast traceroute feature of Cisco IOS XR Software could enable unauthenticated, remote attackers to exhaust UDP packet memory, potentially leading to DoS conditions.
  • CVE-2024-20381 (CVSS 8.8): A vulnerability in the JSON-RPC API used by the web-based management interfaces of multiple Cisco products could allow authenticated, remote attackers to modify configurations, create new user accounts, or elevate their privileges.
  • CVE-2024-20398 (CVSS 8.8): A vulnerability in the CLI of Cisco IOS XR Software could allow authenticated, local attackers to gain root access to the underlying operating system.
  • CVE-2024-20483 (CVSS 7.2) and CVE-2024-20489 (CVSS 8.4): Vulnerabilities in the Cisco Routed PON Controller could allow authenticated attackers with specific privileges to execute arbitrary commands or obtain sensitive credentials.

Cisco’s Response and Recommendations

Cisco has released software updates to address most of these vulnerabilities and is actively working on fixes for the remaining ones. The company strongly urges users to apply these updates as soon as possible to mitigate the risks associated with these vulnerabilities. There are currently no workarounds available for any of the reported vulnerabilities.
