Cisco Secure Firewall Management Center
cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*
An authentication bypass vulnerability has been identified in the web interface of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability allows an unauthenticated, remote attacker to bypass authentication and execute script files on the affected device, potentially leading to root access on the underlying operating system. The issue arises from an improper system process created at boot time, which attackers can exploit by sending crafted HTTP requests. Successful exploitation enables the execution of various scripts and commands with root privileges.
Exploitation of this vulnerability could allow an attacker to gain root access to the device's operating system.
Cisco has released software updates to address this vulnerability. For guidance on upgrading to a fixed software release, consult the Cisco Software Checker tool, which identifies relevant security advisories and the first fixed release for each vulnerability. Additional resources are available in the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software sections of the advisory.