Multiple vulnerabilities in Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices



Risk High
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2024-20498
CVE-2024-20499
CVE-2024-20500
CVE-2024-20501
CVE-2024-20502
CVE-2024-20513
CWE-ID CWE-415
CWE-400
CWE-639
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Meraki MX
Hardware solutions / Firmware

Cisco Meraki MX67W
Hardware solutions / Firmware

Cisco Meraki MX68CW
Hardware solutions / Firmware

Cisco Meraki MX68W
Hardware solutions / Firmware

Cisco Meraki MX64
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX64W
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX65
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX65W
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX67
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX67C
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX68
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX75
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX84
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX85
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX95
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX100
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX105
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX250
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX400
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX450
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MX600
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki vMX
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki Z3
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki Z3Z3C
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki Z3Z4
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki Z3Z4C
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Double free

EUVDB-ID: #VU98026

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-20498

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. A remote attacker can pass specially crafted data to the application, trigger double free error and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Double free

EUVDB-ID: #VU98027

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-20499

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. A remote attacker can pass specially crafted data to the application, trigger double free error and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU98029

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-20500

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient resource management when establishing TLS/SSL sessions in the Cisco AnyConnect VPN server. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Double free

EUVDB-ID: #VU98028

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-20501

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. A remote attacker can pass specially crafted data to the application, trigger double free error and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU98030

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-20502

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient resource management while establishing SSL VPN sessions in the Cisco AnyConnect VPN server. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Authorization bypass through user-controlled key

EUVDB-ID: #VU98031

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-20513

CWE-ID: CWE-639 - Authorization Bypass Through User-Controlled Key

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient entropy for handlers that are used during SSL VPN session establishment in the Cisco AnyConnect VPN server. A remote attacker can send a specially crafted HTTPS request using the brute-forced or predicted session handler and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Meraki MX: 16.2 - 18.0

Cisco Meraki MX64: All versions

Cisco Meraki MX64W: All versions

Cisco Meraki MX65: All versions

Cisco Meraki MX65W: All versions

Cisco Meraki MX67: All versions

Cisco Meraki MX67C: All versions

Cisco Meraki MX67W: All versions

Cisco Meraki MX68: All versions

Cisco Meraki MX68CW: All versions

Cisco Meraki MX68W: All versions

Cisco Meraki MX75: All versions

Cisco Meraki MX84: All versions

Cisco Meraki MX85: All versions

Cisco Meraki MX95: All versions

Cisco Meraki MX100: All versions

Cisco Meraki MX105: All versions

Cisco Meraki MX250: All versions

Cisco Meraki MX400: All versions

Cisco Meraki MX450: All versions

Cisco Meraki MX600: All versions

Cisco Meraki vMX: All versions

Cisco Meraki Z3: All versions

Cisco Meraki Z3Z3C: All versions

Cisco Meraki Z3Z4: All versions

Cisco Meraki Z3Z4C: All versions

CPE2.3 External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###