Cisco Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerability

A command injection vulnerability has been identified in the CLI of Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an authenticated, local attacker with administrative privileges to execute arbitrary commands on the underlying operating system as root. The issue arises from inadequate input validation of user-supplied command arguments, enabling exploitation by submitting crafted input for specific CLI commands.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the operating system with root privileges.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading Cisco Secure FTD Software can be found in the Cisco Secure FTD upgrade guide. Customers can also use the Cisco Software Checker tool to determine their exposure to this vulnerability and identify the first fixed release.