CVE-2024-20359 - Cisco ASA and FTD Privilege Escalation Vulnerability

CVE-2024-20359: Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Date Added:
2024-04-24

Due Date:
2024-05-01

Vulnerability Name: Cisco ASA and FTD Privilege Escalation Vulnerability

Description: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h; https://nvd.nist.gov/vuln/detail/CVE-2024-20359