CVE-2024-20323

Name of the Vulnerable Software and Affected Versions Cisco Intelligent Node (iNode) Software (affected versions not specified)

Description The issue is related to the use of a hard-coded cryptographic key in the software, which could allow a remote attacker to exploit the vulnerability and impact the confidentiality, integrity, and availability of protected information by performing a man-in-the-middle attack. An attacker could use the static cryptographic key to generate a trusted certificate and impersonate an affected device, allowing them to read data meant for a legitimate device, modify the startup configuration of an associated node, and cause a denial of service (DoS) condition for downstream devices.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.