Cisco IOS XR Local Auth CLI Escalation via Argument Validation Bypass
CVE-2024-20398 Published on September 11, 2024

Cisco IOS XR Software Local Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.

NVD

Vulnerability Analysis

CVE-2024-20398 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Shell injection Vulnerability?

The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE-2024-20398 has been classified to as a Shell injection vulnerability or weakness.

Products Associated with CVE-2024-20398

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-20398 are published in Cisco Ios Xr:

Cisco Ios Xr

Affected Versions

Cisco IOS XR Software:

Version 6.5.3 is affected.
Version 6.5.29 is affected.
Version 6.5.1 is affected.
Version 6.6.1 is affected.
Version 6.5.2 is affected.
Version 6.5.92 is affected.
Version 6.5.15 is affected.
Version 6.6.2 is affected.
Version 7.0.1 is affected.
Version 6.6.25 is affected.
Version 6.5.26 is affected.
Version 6.6.11 is affected.
Version 6.5.25 is affected.
Version 6.5.28 is affected.
Version 6.5.93 is affected.
Version 6.6.12 is affected.
Version 6.5.90 is affected.
Version 7.0.0 is affected.
Version 7.1.1 is affected.
Version 7.0.90 is affected.
Version 6.6.3 is affected.
Version 7.0.2 is affected.
Version 7.1.15 is affected.
Version 7.2.0 is affected.
Version 7.2.1 is affected.
Version 7.1.2 is affected.
Version 7.0.11 is affected.
Version 7.0.12 is affected.
Version 7.0.14 is affected.
Version 7.1.25 is affected.
Version 6.6.4 is affected.
Version 7.2.12 is affected.
Version 7.3.1 is affected.
Version 7.1.3 is affected.
Version 7.4.1 is affected.
Version 7.2.2 is affected.
Version 6.5.31 is affected.
Version 7.3.15 is affected.
Version 7.3.16 is affected.
Version 7.4.15 is affected.
Version 6.5.32 is affected.
Version 7.3.2 is affected.
Version 7.5.1 is affected.
Version 7.4.16 is affected.
Version 7.3.27 is affected.
Version 7.6.1 is affected.
Version 7.5.2 is affected.
Version 7.8.1 is affected.
Version 7.6.15 is affected.
Version 7.5.12 is affected.
Version 7.8.12 is affected.
Version 7.3.3 is affected.
Version 7.7.1 is affected.
Version 7.3.4 is affected.
Version 7.4.2 is affected.
Version 7.6.2 is affected.
Version 7.5.3 is affected.
Version 7.7.2 is affected.
Version 7.9.1 is affected.
Version 7.10.1 is affected.
Version 7.8.2 is affected.
Version 7.5.4 is affected.
Version 6.5.33 is affected.
Version 7.8.22 is affected.
Version 7.7.21 is affected.
Version 7.9.2 is affected.
Version 7.3.5 is affected.
Version 7.5.5 is affected.
Version 7.11.1 is affected.
Version 7.9.21 is affected.
Version 7.10.2 is affected.
Version 24.1.1 is affected.
Version 7.6.3 is affected.
Version 7.3.6 is affected.
Version 7.5.52 is affected.
Version 7.11.2 is affected.

cisco ios_xr_software:

Version 6.5.3, <= 7.11.2 is affected.

Exploit Probability

EPSS

0.31%

Percentile

53.65%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Cisco IOS XR Local Auth CLI Escalation via Argument Validation BypassCVE-2024-20398 Published on September 11, 2024

Vulnerability Analysis

Weakness Type

What is a Shell injection Vulnerability?

Products Associated with CVE-2024-20398

Affected Versions

Exploit Probability

Cisco IOS XR Local Auth CLI Escalation via Argument Validation Bypass
CVE-2024-20398 Published on September 11, 2024