Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability

A vulnerability in Cisco ASA and FTD software allows authenticated, local attackers with administrator privileges to execute commands as root by restoring a crafted backup file. This vulnerability arises from improper sanitization of backup file contents during restore. Successful exploitation grants attackers root-level access to the underlying Linux operating system. Cisco has released software updates to address the issue. There are no available workarounds. The advisory is available at the provided link. More information can be found in Cisco Event Response: Attacks Against Cisco Firewall Platforms. The vulnerability has a medium security impact rating and is assigned CVE-2024-20358.