Systems Engineering is aware of three vulnerabilities affecting the Cisco ASA: Cisco Adaptive Security Appliance Web Service Denial of Service Vulnerability (CVE-2024-20353), Cisco Adaptive Security Appliance Command Injection Vulnerability (CVE-2024-20358), and Cisco Adaptive Security Appliance Persistent Local Code Execution Vulnerability (CVE-2024-20359).
Cisco rates CVE-2024-20358 as MEDIUM severity; CVE-2024-20353 and CVE-2024-20359 are rated HIGH.
Note: These vulnerabilities are potentially being exploited in the wild, according to Cisco and multiple government agencies.
Description
These vulnerabilities affect the SSL VPN service and the restore functionality of these Cisco devices. They can allow malicious actors to execute arbitrary code, perform DoS (Denial of Service) attacks, or upload malicious files to the affected systems. Some of these vulnerabilities require root-level privileges to exploit, and others do not.
Scope
These vulnerabilities are specific to clients with Cisco ASAs and Firepower firewalls. All makes and models running software below a certain version are affected. Use the individual CVE links below to go directly to the corresponding Cisco Security Advisory:
- Cisco Adaptive Security Appliance Web Service Denial of Service Vulnerability (CVE-2024-20353)
- Cisco Adaptive Security Appliance Command Injection Vulnerability (CVE-2024-20358)
- Cisco Adaptive Security Appliance Persistent Local Code Execution Vulnerability (CVE-2024-20359)
Course of Action
Cisco has released patches to remediate affected systems. Systems Engineering recommends firmware version 9.12.4.67 to remediate these vulnerabilities.
- For Systems Engineering contracted clients, we will be proactively patching for this vulnerability and will be in contact with you with details about the remediation schedule.
- For all other clients, we recommend you have your affected systems patched for this vulnerability. If you would like our assistance with patching, please reach out to Systems Engineering Customer Service at 207.772.4199 to have a ticket opened to get your system updated.
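The following is an added example, not part of this alert or any Cisco tooling, showing how a client could check an ASA's running software against the 9.12.4.67 build recommended above. It parses the version line that ASA prints in its `show version` output (format `9.12(4)55`) and flags any build in the 9.12 train that is older than the recommended one. The sample output is constructed, and the assumption that only the 9.12 train is handled is the example's own; other release trains have their own fixed builds, and the Cisco advisories linked above are the authority for those.

```python
import re
from typing import Optional, Tuple

# Recommended fixed build for the 9.12 train named in this alert.
# Assumption: this check only covers the 9.12 train; other trains are not compared.
RECOMMENDED_FIXED = (9, 12, 4, 67)

# ASA prints its version as "Software Version 9.12(4)55" in `show version`.
VERSION_RE = re.compile(
    r"Adaptive Security Appliance Software Version\s+(\d+)\.(\d+)\((\d+)\)(\d+)"
)


def parse_asa_version(show_version_output: str) -> Optional[Tuple[int, int, int, int]]:
    """Extract the running ASA build from `show version` text as a tuple of ints.

    Returns None when no ASA version line is present, so callers can treat
    unparseable output as "unknown" rather than silently "patched".
    """
    match = VERSION_RE.search(show_version_output)
    if not match:
        return None
    major, minor, maint, build = (int(x) for x in match.groups())
    return (major, minor, maint, build)


def needs_patch(running: Tuple[int, int, int, int],
                fixed: Tuple[int, int, int, int] = RECOMMENDED_FIXED) -> bool:
    """True when the running build is older than the recommended fixed build.

    Tuple comparison is lexicographic, so 9.12(4)55 < 9.12(4)67 as intended.
    The comparison is only meaningful inside one major.minor train, so a
    different train raises instead of guessing.
    """
    if running[:2] != fixed[:2]:
        raise ValueError(
            "running build %d.%d is a different release train; "
            "look up that train's fixed build in the Cisco advisory" % running[:2]
        )
    return running < fixed


# Constructed sample of the first lines of `show version` on an unpatched device.
SAMPLE_SHOW_VERSION = """Cisco Adaptive Security Appliance Software Version 9.12(4)55
Device Manager Version 7.12(2)
Compiled on Mon 01-Jan-24 00:00 PST by builders
"""


def check_device(show_version_output: str) -> str:
    """Return a one-line status string for an inventory report."""
    running = parse_asa_version(show_version_output)
    if running is None:
        return "UNKNOWN: no ASA version line found"
    try:
        vulnerable = needs_patch(running)
    except ValueError as exc:
        return "CHECK MANUALLY: %s" % exc
    label = "NEEDS PATCH" if vulnerable else "OK"
    return "%s: running %d.%d(%d)%d, recommended %d.%d(%d)%d" % (
        (label,) + running + RECOMMENDED_FIXED
    )


if __name__ == "__main__":
    print(check_device(SAMPLE_SHOW_VERSION))
```

Run the script against saved `show version` output from each firewall (for example, collected by an existing inventory job) and act on any `NEEDS PATCH` or `CHECK MANUALLY` line; a result of `OK` only means the build is at or above the recommended one, not that the device has been reviewed for compromise.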
If you are a Systems Engineering client and have questions about this Security Alert, please contact your Account Manager.