CVE-2024-20391

MEDIUM Year: 2024
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.

Related Vulnerabilities

CVE-2017-17746

MEDIUM
CVSS:6.8(Medium)

Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authenticatio...

CWE-3062017

CVE-2017-8156

MEDIUM
CVSS:6.8(Medium)

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board...

CWE-3062017

CVE-2019-16258

MEDIUM
CVSS:6.8(Medium)

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal U...

CWE-3062019

CVE-2020-10263

MEDIUM
CVSS:6.8(Medium)

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue...

CWE-3062020

CVE-2020-15483

MEDIUM
CVSS:6.8(Medium)

An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port provides a shell, without requiring a password, with complete access.

CWE-3062020

CVE-2020-1813

MEDIUM
CVSS:6.8(Medium)

HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario att...

CWE-3062020