Cisco NSO Vulnerability Allows Elevation of Privileges

CVE-2024-20366

Summary

A vulnerability exists within the Tail-f High Availability Cluster Communications function pack of Cisco's Crosswork Network Services Orchestrator, which permits an authenticated local attacker to elevate privileges to root on the affected devices. This security flaw arises due to a user-controlled search path utilized for locating executable files. An attacker exploiting this vulnerability could manipulate the application configuration to trigger the execution of a malicious file. Successful exploitation enables the attacker to run arbitrary code on the affected device as a root user, requiring prior valid credentials. Thus, the impacted environment should be closely monitored and fortified against such attacks.

References