The Pakistan Telecommunication Authority (PTA) has issued a warning about a critical security flaw in Cisco Duo Authentication for Windows Logon and Remote Desktop Protocol (RDP).
This vulnerability, identified as CVE-2024-20301, could let attackers with local access bypass secondary authentication, potentially gaining unauthorized access to Windows devices.
According to the advisory, this security flaw occurs because the system fails to invalidate trusted sessions created locally after a device is rebooted.
This means that if an attacker has primary user credentials, they can exploit this weakness. The issue affects systems running versions earlier than 4.2.0 and those not updated to the latest patched version, 4.3.0. Cisco has addressed this problem by releasing software updates.
PTA advises all users and administrators to update their systems immediately. They should also reset the registry key on affected devices following Cisco’s recommended steps. Detailed instructions for resetting the secret key for a Duo-Protected Application or Directory Sync can be found on Cisco’s website.
PTA has classified this threat as an “Authentication Bypass / Security Vulnerability,” affecting Cisco Duo Authentication for Windows Logon and RDP versions 4.2.0 through 4.2.2. The attack vector is a local authentication bypass.
The advisory has urged the users to remain vigilant and update their systems promptly. For more detailed information and recommendations, visit the Cisco advisory on this vulnerability. In case of any security incidents, report them to the PTA CERT Portal and via email.
The post PTA Issues Advisory on Critical Security Flaw in Cisco Duo appeared first on ProPakistani.