CVE-2024-20301 — Vulnetix

CVE-2024-20301 PUBLISHED CVSS 6.199999809265137 MEDIUM

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.

EPSS 0.01% · 1.5th percentile

Risk Scores

CVSS 3.1

6.199999809265137

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.01%

1.5th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco Duo	2.0.0, 1.0.2, 1.0.3
cisco	duo_authentication_for_windows_logon_and_rdp	4.2.0, 4.2.0, 4.2.0

Exploit Intelligence

CIRCL seen: CVE-2024-20301 (circl-sighting)
cisco-sa-duo-win-bypass-pn42KKBm (circl)

Timeline

Mar 6, 2024 CVE Published
Mar 7, 2024 EPSS Score
Mar 8, 2024 PoC Published
Apr 2, 2024 EPSS Score
Apr 29, 2024 EPSS Score
May 25, 2024 EPSS Score
Jun 21, 2024 EPSS Score
Jul 17, 2024 EPSS Score
Aug 13, 2024 EPSS Score
Sep 8, 2024 EPSS Score
Oct 4, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score

References

cisco-sa-duo-win-bypass-pn42KKBm url
https://nvd.nist.gov/vuln/detail/CVE-2024-20301 advisory

Open in Interactive Console →