⚠ Actively exploited
Added to CISA KEV on 2024-04-24. Federal agencies required to patch by 2024-05-01. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CVE-2024-20359 — Code Injection in Cisco Adaptive Security Appliance Software
Severity
6.0 MEDIUM (NVD)
EPSS
0.2% (63.19th percentile)
CISA KEV
KEV
Added 2024-04-24
Due 2024-05-01
Exploit
Exploited in wild
Active exploitation observed
Timeline
Published: Apr 24, 2024
KEV added: Apr 24, 2024
KEV due: May 1, 2024
Description
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.
This vulnerability is due to improper validation of a file when it is read from system flash memo…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Exploitability: 0.8 | Impact: 5.2
Affected Packages: 4 packages
Vulnerability Details
GHSA
GHSA-rqwm-368v-fp53 (2024-04-24): A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Secur…
CVE List
CVE-2024-20359 (2024-04-24): A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Secur…