Cisco Releases May 2024 ASA, FMC, and FTD Software Security Advisory

Summary

Six advisories are included in the semi-annual Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Security Advisory bundled publication.


Threat details

Cisco Software Checker

To help customers determine their exposure to vulnerabilities in Cisco ASA, FMC, and FTD Software, Cisco provides the Cisco Software Checker. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities.


Introduction

Cisco has released six security advisories that cover six vulnerabilities in its semi-annual bundle of Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Advisories.

The one high impact advisory concerns a SQL injection vulnerability which, when exploited, could allow an authenticated, remote attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. To exploit this vulnerability, an attacker would need at least 'Read Only' user credentials.

The five medium impact advisories included in the bundle address five bypass vulnerabilities. A remote, unauthenticated attacker could exploit some of these vulnerabilities to access otherwise controlled areas of an affected system.

Exploitation of vulnerabilities connected with sophisticated "ArcaneDoor" campaign

Cisco has confirmed that all of the fixed software releases that are part of this bundle also include the fix for the vulnerabilities that were involved in the ArcaneDoor exploitation campaign, described in CVE-2024-20353, CVE-2024-20358, and CVE-2024-20359.

NHS England released high severity Cyber Alert CC-4483 in April 2024 to address these vulnerabilities.


Remediation advice

Affected organisations are encouraged to review the May 2024 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication and the following Cisco Security Advisories, and to apply the necessary updates or workarounds.


Remediation steps

Type: Patch
Step: Cisco Firepower Management Center Software SQL Injection Vulnerability | cisco-sa-fmc-sqli-WFFDnNOs
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs

Type: Patch
Step: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Inactive-to-Active ACL Bypass Vulnerability | cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX

Type: Patch
Step: Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability | cisco-sa-fmc-object-bypass-fTH8tDjq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-object-bypass-fTH8tDjq

Type: Patch
Step: Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability | cisco-sa-ftd-archive-bypass-z4wQjwcN
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN

Type: Patch
Step: Multiple Cisco Products Snort 3 HTTP Intrusion Prevention System Rule Bypass Vulnerability | cisco-sa-snort3-ips-bypass-uE69KBMd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd

Type: Patch
Step: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Authorization Bypass Vulnerability | cisco-sa-asaftd-saml-bypass-KkNvXyKW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW


CVE Vulnerabilities

Last edited: 28 May 2024 3:16 pm