Vulnerability in Cisco Meraki Systems Manager Agent
CVE-2024-20430
A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. This vulnerability is due to incorrect handling of directory s…
EPSS: 0.002 (9.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Cisco Meraki Systems Manager Agent — versions 4.1.5, 4.1.4, 4.1.1
- Cisco Meraki_systems_manager
Weakness classification (CWE)
References
- psirt@cisco.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-20430?
- CVE-2024-20430 is a high-severity vulnerability in Cisco Meraki Systems Manager Agent, classified under Uncontrolled Search Path Element. CVSS score: 7.3/10. Published 2024-09-12.
- How severe is CVE-2024-20430?
- High severity. CVSS v3 base score is 7.3 out of 10.