April 25, 2024
Severity
Medium
Analysis Summary
CVE-2024-20358
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software could allow a local, authenticated attacker to execute arbitrary commands on the system. The flaw is caused by improper validation of a backup file at restore time. By restoring a specially crafted backup file, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying Linux operating system as root.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-20358
Affected Vendors
- Cisco
Affected Products
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Firepower Threat Defense (FTD) Software
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.