CVE-2024-20359 - Cisco ASA and FTD Privilege Escalation Vulnerability

CVE-2024-20359: Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Date Added:
2024-04-24

Due Date:
2024-05-01

Vulnerability Name: Cisco ASA and FTD Privilege Escalation Vulnerability

Description: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h; https://nvd.nist.gov/vuln/detail/CVE-2024-20359

Related News Articles

Cisco warns of backdoor admin account in Smart Licensing UtilitySeptember 5, 2024

Cisco SSM On-Prem bug lets hackers change any user's passwordJuly 18, 2024

Cisco warns of NX-OS zero-day exploited to deploy custom malwareJuly 2, 2024

ArcaneDoor hackers exploit Cisco zero-days to breach govt networksApril 25, 2024

Norway recommends replacing SSL VPN to prevent breachesMay 17, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard