Cisco Secure Firewall Adaptive Security Appliance
cpe:2.3:h:cisco:adaptive_security_appliance_5540:*:*:*:*:*:*:*, +8 more
A command injection vulnerability has been identified in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an authenticated, local attacker with administrative credentials to execute arbitrary commands on the underlying operating system with root-level privileges. The issue arises from insufficient input validation of user-supplied commands, enabling exploitation by submitting crafted input after authenticating to the device.
Exploitation of this vulnerability could lead to unauthorized execution of commands on the operating system as root, allowing for full administrative control over the device.
Cisco has released software updates to address this vulnerability. For guidance on upgrading Cisco Secure FTD devices, refer to the appropriate Cisco Secure FMC upgrade guide. Customers can use the Cisco Software Checker tool to determine their exposure to vulnerabilities in Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software.