Cisco Secure Firewall Management Center Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. This vulnerability allows an unauthenticated, remote attacker to execute arbitrary Java code with root privileges on the affected device. The issue arises from insecure deserialization of user-supplied Java byte streams. Exploitation involves sending a crafted serialized Java object to the management interface. Note that the vulnerability's impact is reduced if the FMC management interface lacks public internet access.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device, with elevated privileges to root.

Remediation

Cisco has released software updates to address this vulnerability. For guidance on upgrading to a fixed software release, Cisco recommends using the Cisco Software Checker tool, which identifies relevant security advisories and the earliest fixed release. Additional resources are available for help with Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software releases.