critical
9.1
CWE
345
Advisory Published

cisco-sa-asa-asdm-sig-NPKvwDjm: Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability

First published: Wed Jun 22 2022(Updated: )

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm

Credit: Jake Baines Rapid7

Affected SoftwareAffected VersionHow to fix
Cisco ASA Software=9.18<9.18.2=9.17<9.17.1.13>=9.15<=9.16<9.16.3.19>=9.13<=9.14<9.14.4.14>=9.9=9.10<=9.12<9.12.4.50>=9.7 and earlier<=9.8<9.8.4.45 (Sept 2022)
9.18.2
9.17.1.13
9.16.3.19
9.14.4.14
9.12.4.50
9.8.4.45 (Sept 2022)
Cisco Adaptive Security Device Manager (ASDM)>=7.17 and earlier<=7.18<7.18.1.152
7.18.1.152

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of cisco-sa-asa-asdm-sig-NPKvwDjm?

    The severity of cisco-sa-asa-asdm-sig-NPKvwDjm is considered high due to the potential for authenticated remote attackers to exploit the vulnerability.

  • How do I fix cisco-sa-asa-asdm-sig-NPKvwDjm?

    To fix cisco-sa-asa-asdm-sig-NPKvwDjm, upgrade to the latest versions of the Cisco ASA and ASDM software as specified in the advisory.

  • Who is affected by cisco-sa-asa-asdm-sig-NPKvwDjm?

    Cisco ASA devices running versions 9.17.1.13 and earlier as well as ASDM versions 7.18 and earlier are affected by cisco-sa-asa-asdm-sig-NPKvwDjm.

  • What is the impact of cisco-sa-asa-asdm-sig-NPKvwDjm?

    The impact of cisco-sa-asa-asdm-sig-NPKvwDjm allows an authenticated attacker to upload a malicious ASDM image that could compromise the security of the device.

  • Is authentication required to exploit cisco-sa-asa-asdm-sig-NPKvwDjm?

    Yes, authentication is required to exploit the cisco-sa-asa-asdm-sig-NPKvwDjm vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203