Cisco Secure FMC Software Vulnerability Allows Root Access via Authenticated HTTP Requests
CVE-2024-20424

9.9CRITICAL

Key Information:

Vendor
Cisco
Status
Cisco Firepower Management Center
Vendor
CVE Published:
23 October 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

A vulnerability exists in the web-based management interface of Cisco Secure Firewall Management Center Software, formerly known as Firepower Management Center Software. This flaw arises from insufficient input validation of specific HTTP requests, enabling an authenticated remote attacker to exploit the vulnerability. By sending a specially crafted HTTP request after gaining authentication, the attacker could execute arbitrary commands on the underlying operating system as root. This includes the potential to affect managed Cisco Firepower Threat Defense devices, creating a significant security risk for organizations relying on these systems. To successfully exploit this vulnerability, valid credentials for a user account with a minimum role of Security Analyst (Read Only) are required.

Affected Version(s)

Cisco Firepower Management Center 6.2.3

Cisco Firepower Management Center 6.2.3.1

Cisco Firepower Management Center 6.2.3.2

News Articles

favicon imageBleepingComputer

Cisco fixes VPN DoS flaw discovered in password spray attacks

Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April.

3 months ago

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by BleepingComputer

  • Vulnerability published

.