CVE-2024-20329: Cisco Adaptive Security Appliance Software Remote Command Injection Vulnerability
First published: Wed Oct 23 2024(Updated: )
A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance Software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
- https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300
- https://www.bleepingcomputer.com/news/security/cisco-fixes-vpn-dos-flaw-discovered-in-password-spray-attacks/
Frequently Asked Questions
What is the severity of CVE-2024-20329?
CVE-2024-20329 is considered a critical vulnerability due to its potential to allow remote command execution as root.
How do I fix CVE-2024-20329?
To remediate CVE-2024-20329, apply the latest security updates issued by Cisco for the Adaptive Security Appliance Software.
Who is affected by CVE-2024-20329?
CVE-2024-20329 affects users of Cisco Adaptive Security Appliance Software that utilize the SSH subsystem.
What type of attack does CVE-2024-20329 enable?
CVE-2024-20329 enables an authenticated, remote attacker to execute arbitrary operating system commands.
What causes the vulnerability identified as CVE-2024-20329?
CVE-2024-20329 is caused by insufficient validation of user input in the SSH subsystem.
- agent/title
- agent/type
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-20481
- alias/CVE-2024-20424
- alias/CVE-2024-20329
- alias/CVE-2024-20412
- agent/references
- agent/event
- collector/nvd-api
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco adaptive security appliance software