Cisco Secure Firewall Management Center
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*
A command injection vulnerability has been identified in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability allows an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. The issue arises from insufficient input validation of certain HTTP request parameters sent to the management interface. To exploit this vulnerability, an attacker must authenticate to the interface and send a crafted HTTP request to an affected device. A successful exploit would enable the attacker to execute commands as the root user on the device.
Exploitation of this vulnerability could lead to unauthorized command execution on the affected device, with the commands being executed as the root user.
Cisco has released software updates to address this vulnerability. For guidance on upgrading, customers can consult the Cisco Software Checker tool, which identifies relevant security advisories and the first fixed release for each vulnerability. Instructions for using the Cisco Software Checker are available on the Cisco Security Advisories page.