A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device.
                
            Metrics
Affected Vendors & Products
References
        History
                    Thu, 24 Oct 2024 18:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Cisco Cisco adaptive Security Appliance Software Cisco firepower Threat Defense Software | |
| CPEs | cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:* | |
| Vendors & Products | Cisco Cisco adaptive Security Appliance Software Cisco firepower Threat Defense Software | |
| Metrics | ssvc 
 | 
Wed, 23 Oct 2024 17:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device. | |
| Weaknesses | CWE-264 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: cisco
Published: 2024-10-23T17:29:05.240Z
Updated: 2024-10-26T03:55:33.801Z
Reserved: 2023-11-08T15:08:07.653Z
Link: CVE-2024-20370
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-10-24T17:34:15.015Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2024-10-23T18:15:05.637
Modified: 2024-10-25T12:56:36.827
Link: CVE-2024-20370
 Redhat
                        Redhat
                    No data.