Multiple vulnerabilities in Cisco Firepower Device Manager On-Box Software

1) Buffer overflow

EUVDB-ID: #VU27579

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-3310

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote use to compromise the target system.

The vulnerability exists due to insufficient hardening of the XML parser configuration. A remote administrator can use a specially crafted XML file, trigger memory corruption and cause the target system to become unstable or reload.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Firepower Device Manager On-Box: before 6.2.3

CPE2.3

• cpe:2.3:a:cisco_systems:cisco_fdm_on-box:*:*:*:*:*:*:*:*

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xpftd-gYDXyN8H

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU27580

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-3309

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote user to overwrite arbitrary files on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote administrator can uploading a malicious file and overwrite arbitrary files on as well as modify the underlying operating system of an affected device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Firepower Device Manager On-Box: before 6.2.3

CPE2.3

• cpe:2.3:a:cisco_systems:cisco_fdm_on-box:*:*:*:*:*:*:*:*

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdmfo-HvPWKxDe

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?