Cisco fixes root escalation vulnerability with public exploit code

Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable systems.

Tracked as CVE-2024-20469, the security flaw was found in Cisco’s Identity Services Engine (ISE) solution, an identity-based network access control and policy enforcement software that enables network device administration and endpoint access control in enterprise environments.

This OS command injection vulnerability is caused by insufficient validation of user-supplied input. Local attackers can exploit this weakness by submitting maliciously crafted CLI commands in low-complexity attacks that don’t require user interaction.

However, as Cisco explains, threat actors can only exploit this flaw successfully if they already have Administrator privileges on unpatched systems.

“A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root,” the company warned in a security advisory published on Wednesday.

“The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.”

Cisco ISE Release	First Fixed Release
3.1 and earlier	Not affected
3.2	3.2P7 (Sep 2024)
3.3	3.3P4 (Oct 2024)
3.4	Not affected

So far, the company has yet to discover evidence of attackers exploiting this security vulnerability in the wild.

ADVERTISING

Cisco also warned customers today that it removed a backdoor account in its Smart Licensing Utility Windows software that attackers can use to log into unpatched systems with administrative privileges.

In April, it released security patches for an Integrated Management Controller (IMC) vulnerability (CVE-2024-20295) with publicly available exploit code that also allows local attackers to escalate privileges to root.

Another critical flaw (CVE-2024-20401), which lets threat actors add rogue root users and permanently crash Security Email Gateway (SEG) appliances via malicious emails, was patched last month.

The same week, it warned of a maximum-severity vulnerability that lets attackers change any user password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators.

Sergiu Gatlan

Leave a Comment Cancel Reply

London, GB

2:47 pm, Jun 23, 2025

22°C

L: 21° | H: 23°

Feels like 21°C° broken clouds

Humidity: 41 %

Pressure: 1014 mb

Wind: 17 mph W

Wind Gust: 0 mph

UV Index: 0

Precipitation: 0 mm

Clouds: 53%

Rain Chance: 0%

Visibility: 10 km

Sunrise: 4:43 am

Sunset: 9:21 pm

DailyHourly

Daily ForecastHourly Forecast

Today 10:00 pm

21° | 23°°C 0 mm 0% 14 mph 49 % 1015 mb 0 mm/h

Tomorrow 10:00 pm

13° | 23°°C 0.2 mm 20% 14 mph 80 % 1016 mb 0 mm/h

Wed Jun 25 10:00 pm

16° | 28°°C 0 mm 0% 9 mph 89 % 1013 mb 0 mm/h

Thu Jun 26 10:00 pm

17° | 22°°C 1 mm 100% 14 mph 91 % 1017 mb 0 mm/h

Fri Jun 27 10:00 pm

14° | 27°°C 0 mm 0% 16 mph 69 % 1020 mb 0 mm/h

Today 4:00 pm

22° | 22°°C 0 mm 0% 13 mph 41 % 1014 mb 0 mm/h

Today 7:00 pm

21° | 22°°C 0 mm 0% 14 mph 40 % 1014 mb 0 mm/h

Today 10:00 pm

17° | 19°°C 0 mm 0% 10 mph 49 % 1015 mb 0 mm/h

Tomorrow 1:00 am

14° | 14°°C 0 mm 0% 9 mph 68 % 1016 mb 0 mm/h

Tomorrow 4:00 am

13° | 13°°C 0 mm 0% 8 mph 80 % 1014 mb 0 mm/h

Tomorrow 7:00 am

15° | 15°°C 0 mm 0% 11 mph 75 % 1014 mb 0 mm/h

Tomorrow 10:00 am

19° | 19°°C 0 mm 0% 12 mph 63 % 1013 mb 0 mm/h

Tomorrow 1:00 pm

20° | 20°°C 0 mm 0% 14 mph 66 % 1013 mb 0 mm/h

Name	Price	24H (%)
Bitcoin(BTC)	€88,783.17	1.08%
Ethereum(ETH)	€1,980.88	3.37%
Tether(USDT)	€0.87	0.00%
XRP(XRP)	€1.76	2.74%
Solana(SOL)	€117.74	5.05%
USDC(USDC)	€0.87	0.01%
Dogecoin(DOGE)	€0.134502	3.73%
Shiba Inu(SHIB)	€0.000010	5.16%
Pepe(PEPE)	€0.000008	4.88%
Peanut the Squirrel(PNUT)	€0.219411	13.10%

Cisco fixes root escalation vulnerability with public exploit code

Share:

Leave a Comment Cancel Reply

Utility link

Useful link

Newsletter

Follow Us