Cisco Releases May 2024 ASA, FMC, and FTD Software Security Advisory
Summary
Six advisories are included in the semi-annual Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Security Advisory bundled publication
Affected platforms
The following platforms are known to be affected:
Threat details
Cisco Software Checker
To help customers determine their exposure to vulnerabilities in Cisco ASA, FMC, and FTD Software, Cisco provides the Cisco Software Checker. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities.
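The Software Checker's core logic is a per-release-train comparison: a fix lands separately in each train (9.16, 9.18, 7.2, ...), so a device is only safe if it runs at or above the first fixed release of its own train. As an added illustration, not part of this alert or of Cisco's tool, the script below runs that check over a constructed inventory; the advisory IDs are from the bundle, but every release number is a constructed placeholder to be replaced with the values from the individual Cisco advisories.

```python
"""Per-train exposure check for ASA/FTD/FMC (added example, not Cisco's code)."""
from typing import Dict, List, Tuple

# First fixed release per advisory, product and train. PLACEHOLDER values only;
# real numbers come from each advisory's "Fixed Software" section.
FIRST_FIXED: Dict[str, Dict[str, Dict[str, str]]] = {
    "cisco-sa-asaftd-saml-bypass-KkNvXyKW": {
        "ASA": {"9.16": "9.16.4.99", "9.18": "9.18.4.99"},
        "FTD": {"7.2": "7.2.9.99"},
    },
    "cisco-sa-fmc-sqli-WFFDnNOs": {
        "FMC": {"7.2": "7.2.9.99", "7.4": "7.4.1.99"},
    },
}

def parse_version(v: str) -> Tuple[int, ...]:
    """'9.18.4.22' -> (9, 18, 4, 22): compare numerically, never as strings
    (lexically '9.18.4.22' < '9.18.4.9', which would hide exposure)."""
    return tuple(int(p) for p in v.strip().split("."))

def train(v: str) -> str:
    """Release train is the first two components: '9.18.4.22' -> '9.18'."""
    return ".".join(v.split(".")[:2])

def exposure(product: str, version: str) -> List[str]:
    """Advisory IDs the device is exposed to. Conservative: a train with no
    listed fixed release is reported as exposed and must be verified by hand."""
    hits: List[str] = []
    for advisory, products in FIRST_FIXED.items():
        trains = products.get(product)
        if trains is None:
            continue  # advisory does not cover this product family
        fixed = trains.get(train(version))
        if fixed is None or parse_version(version) < parse_version(fixed):
            hits.append(advisory)
    return hits

# Constructed inventory: (hostname, product family, running release).
INVENTORY = [
    ("fw-edge-01", "ASA", "9.18.4.22"),
    ("fw-edge-02", "ASA", "9.18.4.99"),
    ("ftd-dc-01", "FTD", "7.2.5.1"),
    ("fmc-01", "FMC", "7.4.1.1"),
    ("fmc-lab", "FMC", "7.0.6"),
]

if __name__ == "__main__":
    for host, product, ver in INVENTORY:
        print(host, product, ver, exposure(product, ver) or "no open advisories")
```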
Introduction
Cisco has released six security advisories that cover six vulnerabilities in its semi-annual bundle of Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Advisories.
The one high impact advisory concerns a SQL injection vulnerability which, when exploited, could allow an authenticated, remote attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least 'Read Only' user credentials.
The five medium impact advisories included in the bundle address five bypass vulnerabilities. A remote, unauthenticated attacker could exploit some of these vulnerabilities to access otherwise controlled areas of an affected system.
Exploitation of vulnerabilities connected with sophisticated "ArcaneDoor" campaign
Cisco has confirmed that all of the fixed software releases that are part of this bundle also include the fix for the vulnerabilities that were involved in the ArcaneDoor exploitation campaign, described in CVE-2024-20353, CVE-2024-20358, and CVE-2024-20359.
NHS England released high severity Cyber Alert CC-4483 in April 2024 to address these vulnerabilities.
Remediation advice
Affected organisations are encouraged to review the May 2024 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication and the following Cisco Security Advisories, and to apply the necessary updates or workarounds.
Remediation steps
Type | Step | Advisory |
---|---|---|
Patch | Cisco Firepower Management Center Software SQL Injection Vulnerability | cisco-sa-fmc-sqli-WFFDnNOs https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs |
Patch | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Inactive-to-Active ACL Bypass Vulnerability | cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX |
Patch | Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability | cisco-sa-fmc-object-bypass-fTH8tDjq https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-object-bypass-fTH8tDjq |
Patch | Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability | cisco-sa-ftd-archive-bypass-z4wQjwcN https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN |
Patch | Multiple Cisco Products Snort 3 HTTP Intrusion Prevention System Rule Bypass Vulnerability | cisco-sa-snort3-ips-bypass-uE69KBMd https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd |
Patch | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Authorization Bypass Vulnerability | cisco-sa-asaftd-saml-bypass-KkNvXyKW https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW |
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 28 May 2024 3:16 pm