Cisco Secure Firewall Management Center RADIUS Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in the RADIUS subsystem of Cisco Secure Firewall Management Center (FMC) Software releases 7.0.7 and 7.7.0 when RADIUS authentication is enabled. It allows an unauthenticated, remote attacker to inject arbitrary shell commands that the device then executes. The root cause is improper handling of user input during the authentication process: the attacker submits crafted input as the credentials that the device passes to a configured RADIUS server for authentication. Successful exploitation could allow commands to run with high privileges.
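As an added defender-side example (not code from the advisory or from Cisco): a small Python triage helper that applies the exposure conditions stated above, an affected release plus RADIUS authentication enabled, and scans authentication events for credential fields carrying shell metacharacters, the indicator a detection engineer would alert on for this bug class. The event line format and the sample lines are constructed assumptions, not real FMC log output.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Releases the advisory names as affected. Exposure additionally requires
# RADIUS authentication to be enabled on the FMC.
AFFECTED_RELEASES = {"7.0.7", "7.7.0"}

# Shell metacharacters that have no business in a user name submitted for
# RADIUS authentication; their presence is a command-injection indicator.
SHELL_META = re.compile(r"[;|&`$<>(){}]")

# Constructed sample events (NOT real FMC log lines). Assumed format:
# "<timestamp> <auth method> <result> <user name>", user name last so that
# it may contain spaces.
SAMPLE_AUTH_LOG = """\
2025-08-14T17:48:01Z RADIUS ACCEPT jdoe
2025-08-14T17:48:05Z RADIUS REJECT admin;id
2025-08-14T17:48:09Z LOCAL ACCEPT alice;id
2025-08-14T17:48:12Z RADIUS REJECT bob|true
2025-08-14T17:48:15Z RADIUS ACCEPT mary o'neil
"""


@dataclass(frozen=True)
class Finding:
    timestamp: str
    user: str
    reason: str


def is_exposed(version: str, radius_enabled: bool) -> bool:
    """Exposure per the advisory: affected release AND RADIUS auth enabled."""
    return version in AFFECTED_RELEASES and radius_enabled


def scan_auth_log(log: str) -> list[Finding]:
    """Flag RADIUS authentication attempts whose user name carries shell
    metacharacters. Local-auth events are skipped: only the RADIUS path is
    implicated by the advisory."""
    findings: list[Finding] = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, method, _result, user = line.split(" ", 3)
        if method != "RADIUS":
            continue
        match = SHELL_META.search(user)
        if match:
            findings.append(Finding(ts, user, f"shell metacharacter {match.group()!r}"))
    return findings
```

Both accepted and rejected attempts are scanned, since a rejected authentication can still have reached the vulnerable input handling.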

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device with high privileges.

Remediation

Cisco has released free software updates to address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For those without service contracts, contact the Cisco Technical Assistance Center (TAC) for assistance. To determine exposure to this vulnerability, use the Cisco Software Checker tool.

Added: Aug 14, 2025, 5:48 PM
Updated: Aug 14, 2025, 5:48 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 7.0
remediation: 7.9
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.