Cisco Secure Firewall ASA and FTD Software Authenticated Command Injection Vulnerability Allowing Root Command Execution

A command injection vulnerability has been identified in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an authenticated, local attacker with administrative credentials to execute arbitrary commands on the underlying operating system with root-level privileges. The issue arises from insufficient input validation of user-supplied commands. Exploitation involves authenticating to a device and submitting crafted input for specific commands, leading to unauthorized command execution as root.

Impact

Successful exploitation of this vulnerability could result in unauthorized command execution on the affected system with root privileges.

Remediation

Cisco has released software updates to address this vulnerability. For guidance on upgrading Cisco Secure FTD devices, refer to the appropriate Cisco Secure FMC upgrade guide. To determine exposure to vulnerabilities in Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software, use the Cisco Software Checker tool, which identifies relevant Cisco security advisories and the earliest fixed releases.