OS Command Injection in Firepower NGFW - CVE-2022-20828

Published: June 22, 2022 / Updated: September 5, 2022


Vulnerability identifier: #VU64597
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2022-20828
CWE-ID: CWE-78
Exploitation vector: Local access
Exploit availability: Public exploit is available
Vendor: Cisco Systems, Inc
Affected software:
Firepower NGFW

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation in the CLI parser of Cisco FirePOWER Software for the Adaptive Security Appliance (ASA) FirePOWER module. A local user can pass specially crafted parameters to the affected CLI command and execute arbitrary commands on the underlying operating system with root privileges.

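The defect class behind this entry (CWE-78) is the general pattern of a privileged command wrapper splicing a caller-controlled parameter into an OS command. The following is an added illustration of that pattern and its fix, not Cisco code and not the specific flawed command in the FirePOWER CLI: a hypothetical `ping <host>` wrapper is shown once in its defective form and once hardened with allowlist validation and an argv list, so the parameter is never parsed by a shell.

```python
"""CWE-78 illustration: a CLI-style wrapper around an OS binary.

Added example (hypothetical wrapper, not Cisco's code); the host
names used below are constructed sample inputs."""
import re
import subprocess

# Allowlist for a hostname/IPv4 literal. The first character may not be
# '-', so a value like "-f" cannot be turned into an option (argument injection).
HOST_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.\-]{0,252}$")


def build_command_vulnerable(host: str) -> str:
    """Defective pattern: the caller's parameter is spliced into a shell
    string. If this string is later run through /bin/sh, metacharacters
    such as ';' in `host` become command separators."""
    return f"ping -c 1 {host}"


def build_command_hardened(host: str) -> list:
    """Hardened pattern: reject anything outside the allowlist, then return
    an argv list so the value is passed to execve as one literal argument."""
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"invalid host parameter: {host!r}")
    return ["ping", "-c", "1", host]


def run_hardened(host: str) -> int:
    """Execute the hardened form. shell=False means no shell parses argv."""
    return subprocess.run(build_command_hardened(host), shell=False,
                          check=False).returncode


def has_shell_metachar(cmd: str) -> bool:
    """Detection helper: flag command strings a shell would not treat as
    a single simple command (useful for reviewing logged CLI invocations)."""
    return any(c in cmd for c in ";|&$`<>\n")


if __name__ == "__main__":
    crafted = "192.0.2.1; id"  # constructed sample input with a separator
    vuln = build_command_vulnerable(crafted)
    print("vulnerable string:", vuln, "| metachar:", has_shell_metachar(vuln))
    try:
        build_command_hardened(crafted)
    except ValueError as exc:
        print("hardened rejects:", exc)
    print("hardened argv:", build_command_hardened("192.0.2.1"))
```

The two fixes are independent and both matter: the argv list removes the shell from the path entirely, and the allowlist (with the leading-character rule) stops a validated-looking value from being interpreted as an option by the target binary.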
How to mitigate CVE-2022-20828

Install updates from the vendor's website.

Sources