Cisco iNode TLS Hijack via Static KeyArbitrary Traffic & DoS
CVE-2024-20323 Published on July 17, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote attacker to hijack the TLS connection between Cisco iNode Manager and associated intelligent nodes and send arbitrary traffic to an affected device. This vulnerability is due to the presence of hard-coded cryptographic material. An attacker in a man-in-the-middle position between Cisco iNode Manager and associated deployed nodes could exploit this vulnerability by using the static cryptographic key to generate a trusted certificate and impersonate an affected device. A successful exploit could allow the attacker to read data that is meant for a legitimate device, modify the startup configuration of an associated node, and, consequently, cause a denial of service (DoS) condition for downstream devices that are connected to the affected node.
Vulnerability Analysis
CVE-2024-20323 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity, and no impact on availability.
Weakness Type
Use of Hard-coded Cryptographic Key
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
Products Associated with CVE-2024-20323
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-20323 are published in these products:
Affected Versions
Cisco Intelligent Node Manager:- Version N/A is affected.
- Version N/A is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.