Cisco Secure Firewall ASA and FTD Software VPN Web Server Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an authenticated, remote attacker to execute arbitrary code on the affected device. The issue arises from improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests, potentially leading to a complete compromise of the device.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device with root privileges, potentially leading to a full compromise of the device.

Remediation

Cisco has released patches for this vulnerability in several versions of both Cisco Secure Firewall ASA and Cisco Secure FTD Software. Customers are advised to upgrade to the fixed releases indicated in the advisory. For Cisco ASA Software releases 9.12 and 9.14, the fixed versions are 9.12.4.72 and 9.14.4.28, respectively. For Cisco FTD Software, the fixed release is 7.0.8.1. Instructions for downloading the fixed releases are available on the Cisco Software Download Center.