Threat Advisory

Cisco Duo for Windows Logon and RDP Allows Attacker to Bypass Authentication

Threat: Vulnerability
Criticality: High
Summary:

A critical vulnerability, identified as CVE-2024-20301, has been discovered in Cisco Duo Authentication for Windows Logon and Remote Desktop Protocol (RDP). The flaw could allow an authenticated, local attacker to bypass the secondary authentication step and gain unauthorized access to a Windows device. It arises because locally created trusted sessions are not invalidated after a device reboot, so an attacker who already holds a user's primary credentials can exploit this weakness to skip secondary authentication. Affected versions are 4.2.0 through 4.2.2 of Cisco Duo Authentication for Windows Logon and RDP. The finding underlines the importance of keeping software up to date and following security best practices to reduce the risk of exploitation and protect organizational data and resources.
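To make the failure mode concrete, the following is an added illustration (hypothetical model code, not Cisco Duo's implementation) of a trusted-session check that either ignores the boot instance that created the session or honours it. The `Host` class, `boot_id`, the demo signing key and the token format are all assumptions made for the demonstration.

```python
"""Model of the CVE-2024-20301 weakness: a locally persisted "trusted session"
is still honoured after a reboot unless the validator checks which boot
instance minted it. Hypothetical code, not Duo's own."""
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

# Constructed demo secret; a real agent would use a machine-protected key.
KEY = b"constructed-demo-key"


@dataclass
class Host:
    boot_id: str    # assumed per-boot identifier, changes on every reboot
    clock: float    # seconds, monotonic for the demo


def reboot(host: Host) -> None:
    """Simulate a reboot: new boot identifier, a little time passes."""
    host.boot_id = secrets.token_hex(8)
    host.clock += 5.0


def issue_trusted_session(user: str, host: Host, ttl: float) -> bytes:
    """Mint a signed trusted-session token that records the issuing boot."""
    record = {"user": user, "exp": host.clock + ttl, "boot_id": host.boot_id}
    blob = json.dumps(record, sort_keys=True).encode()
    tag = hmac.new(KEY, blob, hashlib.sha256).hexdigest().encode()
    return blob + b"." + tag


def trusted_session_valid(user: str, host: Host, token: bytes,
                          invalidate_on_reboot: bool) -> bool:
    """True if the token lets `user` skip secondary authentication.

    invalidate_on_reboot=False models the flaw: a session minted under an
    earlier boot is still accepted. True models the hardened behaviour.
    """
    blob, sep, tag = token.rpartition(b".")
    if not sep:
        return False
    expected = hmac.new(KEY, blob, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return False                      # tampered or malformed token
    rec = json.loads(blob)
    if rec["user"] != user or host.clock > rec["exp"]:
        return False                      # wrong user or expired
    if invalidate_on_reboot and rec["boot_id"] != host.boot_id:
        return False                      # hardened: reboot ends trust
    return True
```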

Recommendations:

  • We strongly recommend you update Cisco Duo to version 4.3.0

References:

The following reports contain further technical details:

https://cybersecuritynews.com/cisco-duo-windows-attacker/
