PT-2024-9446 · Cisco · Cisco FXOS +2

Ilkin Gasimov · Published 2024-10-23 · Updated 2024-10-25 · CVE-2024-20370

CVSS v2.0: 6.2 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions:
Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified)
Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description: A vulnerability in the Cisco FXOS CLI feature could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This issue exists due to insecure storage and permissions of certain system configurations and executable files. An attacker could exploit this vulnerability by authenticating on the device, downloading malicious system files, and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device.
Recommendations: For Cisco Adaptive Security Appliance (ASA) Software, consider restricting access to the Cisco FXOS CLI feature until a patch is available. For Cisco Firepower Threat Defense (FTD) Software, consider disabling the execution of malicious system files and limiting administrative privileges to minimize the risk of exploitation. As a temporary workaround, consider implementing additional access controls and monitoring for suspicious activity on the device.

Fix

Weakness Enumeration

Related Identifiers

BDU:2024-11141
CVE-2024-20370

Affected Products

Cisco ASA
Cisco FXOS
Cisco FTD