#VU64596 Insufficient verification of data authenticity in Cisco Adaptive Security Appliance (ASA) and Cisco Adaptive Security Device Manager (ASDM)
Vulnerability identifier: #VU64596
Vulnerability risk: Medium
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-345
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Cisco Adaptive Security Appliance (ASA)
Hardware solutions /
Security hardware applicances
Cisco Adaptive Security Device Manager (ASDM)
Client/Desktop applications /
Software for system administration
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote user compromise the affected system.
The vulnerability exists due to insufficient verification of Cisco Adaptive Security Device Manager (ASDM) images deployed to Cisco Adaptive Security Appliance (ASA) Software. A remote privileged user can upload a malicious ASDM image to a device that is running Cisco ASA Software and compromise the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco Adaptive Security Appliance (ASA): 9.0 - 9.18.1
Cisco Adaptive Security Device Manager (ASDM): 7.15.1 - 7.18
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb05264
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb05291
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
