Threat Advisory

Privilege Escalation and DoS Vulnerabilities Impact Flexera and Cisco Products

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT, Telecommunications, Critical Infrastructure, Government & Defense
Criticality: High

EXECUTIVE SUMMARY:

A pair of high-severity vulnerabilities have been identified in widely used enterprise and industrial networking components, which could allow attackers to escalate privileges or disrupt operations. Tracked as CVE-2024-2658 and CVE-2024-20354, these flaws affect Flexera FlexNet Publisher and Cisco Aironet Access Points, respectively.

  • CVE-2024-2658: With a CVSS v4.0 score of 8.5 (High), this local privilege escalation vulnerability stems from an uncontrolled search path element in the lmadmin.exe component of FlexNet Publisher. A local attacker can exploit this by placing a crafted openssl.conf file and malicious DLL in a writable directory, allowing the service to load and execute attacker-controlled code with elevated privileges.
  • CVE-2024-20354: Rated 4.7 (CVSS v3.1), this vulnerability affects Cisco Aironet Access Points and is caused by improper validation of incoming IP traffic. An unauthenticated attacker on the local network can send specially crafted IP packets to trigger a denial-of-service (DoS) condition, causing affected devices to reload repeatedly.

These vulnerabilities highlight the risks associated with misconfigured file loading paths and insufficient input validation in critical infrastructure systems.
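
The precondition for the first flaw is a directory that a privileged service loads configuration or DLLs from and that ordinary users can write to. The Python example below is added here and is not code from the advisory or from Flexera. It parses `icacls` output for such a directory and reports the ACEs that grant low-privileged principals write access. The directory names and sample output are constructed, and the principal list assumes English account names.

```python
import re

# Principals treated as low-privileged (assumption: English names; localized systems differ).
LOW_PRIV = {"everyone", r"builtin\users", r"nt authority\authenticated users",
            r"nt authority\interactive"}
# icacls rights that let a principal add files to, or take over, the directory.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "GA", "GW", "WDAC", "WO"}
INHERIT_FLAGS = {"OI", "CI", "IO", "NP", "I"}
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<groups>(?:\([A-Za-z,]+\))+)$")


def risky_aces(directory, icacls_text):
    """Return [(principal, rights)] for ACEs letting low-privileged users write to directory."""
    findings = []
    for line in icacls_text.splitlines():
        line = line.strip()
        if line.lower().startswith(directory.lower()):
            line = line[len(directory):].strip()  # first line is prefixed with the path
        m = ACE_RE.match(line)
        if not m:
            continue  # blank line or the icacls summary line
        groups = re.findall(r"\(([^)]+)\)", m["groups"])
        if "DENY" in groups or "IO" in groups:
            continue  # deny ACE, or inherit-only ACE that does not apply to the directory itself
        rights = {r for g in groups if g not in INHERIT_FLAGS for r in g.split(",")}
        if m["who"].lower() in LOW_PRIV and rights & WRITE_RIGHTS:
            findings.append((m["who"], sorted(rights & WRITE_RIGHTS)))
    return findings


# Constructed sample output of `icacls <dir>`; the directory names are hypothetical.
SAMPLE = {
    r"C:\ExampleApp\ssl": (
        "C:\\ExampleApp\\ssl BUILTIN\\Users:(OI)(CI)(RX)\n"
        "                   NT AUTHORITY\\Authenticated Users:(I)(OI)(CI)(M)\n"
        "                   CREATOR OWNER:(OI)(CI)(IO)(F)\n"
        "                   BUILTIN\\Administrators:(OI)(CI)(F)\n"
        "\nSuccessfully processed 1 files; Failed processing 0 files\n"),
    r"C:\Program Files\ExampleApp": (
        "C:\\Program Files\\ExampleApp NT AUTHORITY\\SYSTEM:(OI)(CI)(F)\n"
        "                             BUILTIN\\Administrators:(OI)(CI)(F)\n"
        "                             BUILTIN\\Users:(OI)(CI)(RX)\n"),
}

if __name__ == "__main__":
    for d, out in SAMPLE.items():
        hits = risky_aces(d, out)
        print(d, "-> writable by low-privileged users:" if hits else "-> ok", hits)
```

Any directory this reports should have its ACL tightened so that only administrators and the service account can create files in it.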

RECOMMENDATION:

REFERENCES:

The following reports contain further technical details:
