Cisco Secure Firewall ASA and FTD Software Authenticated Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software. This vulnerability allows an authenticated, local attacker with administrative credentials to execute arbitrary commands on the underlying operating system with root-level privileges. The issue arises from insufficient input validation of user-supplied command arguments; an attacker could exploit it by submitting crafted input for specific CLI commands.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the operating system with root-level privileges.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading Cisco Secure FTD devices can be found in the Cisco Secure FMC upgrade guide.

Added: Mar 4, 2026, 7:27 PM
Updated: Mar 4, 2026, 7:27 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 7.5
exploitability: 2.6
remediation: 0.0
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.