Cisco Duo Authentication Vulnerability Allows Bypass of Secondary Authentication

CVE-2024-20301

6.2MEDIUM

Key Information

Vendor
Cisco
Status
Cisco Duo
Vendor
CVE Published:
6 March 2024

Badges

πŸ’° RansomwareπŸ‘Ύ Exploit ExistsπŸ“° News Worthy

Summary

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device.

This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.

Affected Version(s)

Cisco Duo = 1.0.1

Cisco Duo = 1.0.2

Cisco Duo = 1.0.3

News Articles

favicon imageCybersecurityNews

Cisco Duo for Windows Logon and RDP Let Attacker Bypass Authentication

A vulnerability, CVE-2024-20301 identified in Cisco Duo Authentication for Windows Logon and Remote Desktop Protocol (RDP), risk to affected.

10 months ago

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ’°

    Used in Ransomware

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database1 News Article(s)
.