CVE-2024-20412
First published: Wed Oct 23 2024(Updated: )
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Cisco Firepower Threat Defense | =7.1.0 | |
| Cisco Firepower Threat Defense | =7.1.0.1 | |
| Cisco Firepower Threat Defense | =7.1.0.2 | |
| Cisco Firepower Threat Defense | =7.1.0.3 | |
| Cisco Firepower Threat Defense | =7.2.0 | |
| Cisco Firepower Threat Defense | =7.2.0.1 | |
| Cisco Firepower Threat Defense | =7.2.1 | |
| Cisco Firepower Threat Defense | =7.2.2 | |
| Cisco Firepower Threat Defense | =7.2.3 | |
| Cisco Firepower Threat Defense | =7.2.4 | |
| Cisco Firepower Threat Defense | =7.2.4.1 | |
| Cisco Firepower Threat Defense | =7.2.5 | |
| Cisco Firepower Threat Defense | =7.2.5.1 | |
| Cisco Firepower Threat Defense | =7.2.5.2 | |
| Cisco Firepower Threat Defense | =7.2.6 | |
| Cisco Firepower Threat Defense | =7.2.7 | |
| Cisco Firepower Threat Defense | =7.3.0 | |
| Cisco Firepower Threat Defense | =7.3.1 | |
| Cisco Firepower Threat Defense | =7.3.1.1 | |
| Cisco Firepower Threat Defense | =7.3.1.2 | |
| Cisco Firepower Threat Defense | =7.4.0 | |
| Cisco Firepower Threat Defense | =7.4.1 | |
| Cisco Firepower Threat Defense | =7.4.1.1 | |
| Any of | ||
| Cisco Firepower 1000 | ||
| Cisco Firepower 1010 | ||
| Cisco Firepower 1020 | ||
| Cisco Firepower 1030 | ||
| Cisco Firepower 1040 | ||
| Cisco Firepower 1120 | ||
| Cisco Firepower 1140 | ||
| Cisco Firepower 1150 | ||
| Cisco Firepower 2100 Firmware | ||
| Cisco Firepower 2110 | ||
| Cisco Firepower 2120 | ||
| Cisco Firepower 2130 | ||
| Cisco Firepower 2140 | ||
| Cisco Firepower 3105 | ||
| Cisco Firepower 3110 | ||
| Cisco Firepower 3120 | ||
| Cisco Firepower 3130 | ||
| Cisco Firepower 3140 | ||
| Cisco Firepower 4215 | ||
| Cisco Firepower 4225 | ||
| Cisco Firepower 4245 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability severity of CVE-2024-20412?
The severity of CVE-2024-20412 is considered high due to the risk of unauthenticated local access to systems using static credentials.
How do I fix CVE-2024-20412?
To mitigate CVE-2024-20412, update your Cisco Firepower Threat Defense Software to the latest version where the vulnerability is patched.
Which Cisco Firepower versions are affected by CVE-2024-20412?
CVE-2024-20412 affects Cisco Firepower Threat Defense versions 7.1.0 through 7.4.1.1.
Who can exploit CVE-2024-20412?
CVE-2024-20412 can be exploited by unauthenticated local attackers who have physical access to the system.
What types of devices are impacted by CVE-2024-20412?
CVE-2024-20412 impacts devices in the Cisco Firepower 1000, 2100, 3100, and 4200 Series.
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-20481
- alias/CVE-2024-20424
- alias/CVE-2024-20329
- alias/CVE-2024-20412
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/event
- agent/softwarecombine
- agent/trending
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/7.1.0
- version/cisco firepower threat defense/7.1.0.1
- version/cisco firepower threat defense/7.1.0.2
- version/cisco firepower threat defense/7.1.0.3
- version/cisco firepower threat defense/7.2.0
- version/cisco firepower threat defense/7.2.0.1
- version/cisco firepower threat defense/7.2.1
- version/cisco firepower threat defense/7.2.2
- version/cisco firepower threat defense/7.2.3
- version/cisco firepower threat defense/7.2.4
- version/cisco firepower threat defense/7.2.4.1
- version/cisco firepower threat defense/7.2.5
- version/cisco firepower threat defense/7.2.5.1
- version/cisco firepower threat defense/7.2.5.2
- version/cisco firepower threat defense/7.2.6
- version/cisco firepower threat defense/7.2.7
- version/cisco firepower threat defense/7.3.0
- version/cisco firepower threat defense/7.3.1
- version/cisco firepower threat defense/7.3.1.1
- version/cisco firepower threat defense/7.3.1.2
- version/cisco firepower threat defense/7.4.0
- version/cisco firepower threat defense/7.4.1
- version/cisco firepower threat defense/7.4.1.1
- canonical/cisco firepower 1000
- canonical/cisco firepower 1010
- canonical/cisco firepower 1020
- canonical/cisco firepower 1030
- canonical/cisco firepower 1040
- canonical/cisco firepower 1120
- canonical/cisco firepower 1140
- canonical/cisco firepower 1150
- canonical/cisco firepower 2100 firmware
- canonical/cisco firepower 2110
- canonical/cisco firepower 2120
- canonical/cisco firepower 2130
- canonical/cisco firepower 2140
- canonical/cisco firepower 3105
- canonical/cisco firepower 3110
- canonical/cisco firepower 3120
- canonical/cisco firepower 3130
- canonical/cisco firepower 3140
- canonical/cisco firepower 4215
- canonical/cisco firepower 4225
- canonical/cisco firepower 4245