CVE-2024-20430

Summary

A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. 

This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges. 

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Meraki Systems Manager Agent4.1.5affected
CiscoCisco Meraki Systems Manager Agent4.1.4affected
CiscoCisco Meraki Systems Manager Agent4.1.1affected
CiscoCisco Meraki Systems Manager Agent4.0affected
CiscoCisco Meraki Systems Manager Agent3.8.2affected
CiscoCisco Meraki Systems Manager Agent3.7.2affected
CiscoCisco Meraki Systems Manager Agent3.7.1affected
CiscoCisco Meraki Systems Manager Agent3.7.0affected
CiscoCisco Meraki Systems Manager Agent3.6.0affected
CiscoCisco Meraki Systems Manager Agent3.5.2affected
CiscoCisco Meraki Systems Manager Agent3.1.4affected
CiscoCisco Meraki Systems Manager Agent3.1.3affected
CiscoCisco Meraki Systems Manager Agent3.1.2affected
CiscoCisco Meraki Systems Manager Agent3.1.1affected
CiscoCisco Meraki Systems Manager Agent3.0.3affected
CiscoCisco Meraki Systems Manager Agent3.0.2affected
CiscoCisco Meraki Systems Manager Agent3.0.1affected
CiscoCisco Meraki Systems Manager Agent3.0.0affected
CiscoCisco Meraki Systems Manager Agent2.0.0affected
CiscoCisco Meraki Systems Manager Agent1.0.99affected
CiscoCisco Meraki Systems Manager Agent1.0.98affected

Weaknesses

  • CWE-427: Uncontrolled Search Path Element

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References