Active exploitation of Cisco Smart Install underway - #CVE-2024-20419
Multiple critical vulnerabilities affecting various Cisco products have been disclosed, most notably CVE-2024-20419, which permits attackers to change any user's password, including those of administrators, without authentication. This flaw, prevalent in Cisco's Smart Software Manager On-Prem (SSM On-Prem) and its predecessor SSM Satellite, boasts a severity score of 10 and has publicly available exploit code, necessitating immediate patching. Other vulnerabilities include the CVE-2024-20401 in Secure Email Gateway (SEG) appliances, enabling unauthorized root access and denial-of-service attacks via malicious email attachments. Security agencies like CISA have raised alarms on these issues and urged adherence to strong cybersecurity practices. To mitigate risks, users are advised to update affected systems promptly and secure their network devices against exploitation via robust password management and hashing algorithms.