Rewterz Threat Advisory – CVE-2021-1489 – Cisco Firepower Device Manager (FDM) Software denial of service
April 29, 2021Rewterz Threat Advisory – Multiple F5 BIG IP Vulnerabilities
April 29, 2021Rewterz Threat Advisory – CVE-2021-1489 – Cisco Firepower Device Manager (FDM) Software denial of service
April 29, 2021Rewterz Threat Advisory – Multiple F5 BIG IP Vulnerabilities
April 29, 2021Severity
Medium
Analysis Summary
CVE-2021-1488
Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By uploading a specially-crafted upgrade package file, an attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the underlying OS.
Impact
Execution of arbitrary commands
Affected Vendors
Cisco
Affected Products
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Firepower Threat Defense (FTD) Software
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.