CVE-2024-20373

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 15, 2024
CWE ID 284

Summary

CVE-2024-20373 is a vulnerability in the SNMP IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software. Even on devices configured to deny SNMP traffic, an unauthenticated, remote attacker can perform SNMP polling, bypassing the ACLs, because extended IPv4 ACLs are not supported for SNMP. The issue arises when an administrator attaches an extended named IPv4 ACL to the SNMP server: the configuration is accepted without a warning message, and no ACL is applied to the SNMP listening process. The attacker requires no control over the SNMP ACL configuration, but still needs valid SNMP version 2c community strings or SNMP version 3 user credentials to exploit the vulnerability. SNMP with IPv6 ACL configurations remains unaffected.
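
The following is an added example, not part of the original entry and not Cisco tooling: a Python check over a saved running-config that flags snmp-server lines referencing an extended named IPv4 ACL, the configuration the summary says leaves no ACL applied. The sample configuration, ACL names and community strings are constructed for illustration, and the function name is hypothetical.

```python
import re

# Constructed sample running-config (illustrative only, not from the entry).
SAMPLE_CONFIG = """\
ip access-list standard SNMP-STD
 permit 192.0.2.10
ip access-list extended SNMP-EXT
 permit udp host 192.0.2.10 any eq snmp
 deny ip any any
ipv6 access-list SNMP-V6
 permit ipv6 host 2001:db8::10 any
snmp-server community EXAMPLE-RO RO SNMP-EXT
snmp-server community EXAMPLE-RW RW SNMP-STD
snmp-server community EXAMPLE-V6 RO ipv6 SNMP-V6
snmp-server group OPS v3 priv access SNMP-EXT
"""

# Named IPv4 ACL definitions; "ipv6 access-list" lines do not match.
ACL_DEF = re.compile(r"^ip access-list (standard|extended) (\S+)", re.M)
# SNMP configuration lines that can carry an ACL reference.
SNMP_LINE = re.compile(r"^snmp-server (?:community|group|user) .*$", re.M)


def find_unenforced_snmp_acls(config):
    """Return (config line, ACL name) pairs where an snmp-server line
    references an extended named IPv4 ACL."""
    extended = {name for kind, name in ACL_DEF.findall(config)
                if kind == "extended"}
    findings = []
    for line in SNMP_LINE.findall(config):
        tokens = line.split()
        # tokens[2] is the community string, group or user name, not an ACL.
        # Heuristic: any later token equal to an extended ACL name is flagged.
        for i in range(3, len(tokens)):
            if tokens[i - 1] == "ipv6":
                continue  # IPv6 ACL reference: unaffected per the summary
            if tokens[i] in extended:
                findings.append((line, tokens[i]))
    return findings


if __name__ == "__main__":
    for line, acl in find_unenforced_snmp_acls(SAMPLE_CONFIG):
        print(f"extended ACL '{acl}' attached to SNMP: {line}")
```

Lines it reports are candidates for review against the vendor's fixed-release guidance; the standard-ACL and IPv6-ACL lines in the sample are deliberately not flagged.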
