Cyber Security News

Cisco ASA Devices Vulnerable to SSH Remote Command Injection Flaw

Cisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance (ASA) Software. The vulnerability could allow remote attackers to execute commands with root-level privileges.

The flaw, CVE-2024-20329, affects devices running a vulnerable release of Cisco ASA Software with the CiscoSSH stack enabled.

Vulnerability Details – CVE-2024-20329

The vulnerability arises from insufficient validation of user input within the Secure Shell (SSH) subsystem. An attacker could exploit this flaw by sending crafted input during remote command execution over SSH.

Successful exploitation allows the attacker to execute commands on the underlying operating system with root privileges, potentially allowing them to gain full control over the affected system. 

National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now

This vulnerability, rated with a CVSS score of 9.9, is deemed critical due to its potential impact on confidentiality, integrity, and availability. Attackers with limited user privileges could leverage this flaw to escalate their access and compromise the entire system. 

The vulnerability affects Cisco products running vulnerable releases of ASA Software with SSH access enabled on at least one interface.

To determine if your device is affected, use the command show running-config | include ssh to check for the presence of ssh stack ciscossh in the configuration. 

Cisco has released software updates to address this vulnerability. Customers are urged to upgrade to the fixed software versions as soon as possible.

A workaround for those unable to immediately apply updates involves disabling the CiscoSSH stack using the command no ssh stack ciscossh.

However, this may disrupt active SSH sessions and should be tested for compatibility within your specific environment. 

Cisco provides free software updates for customers with service contracts. Those without contracts can contact the Cisco Technical Assistance Center (TAC) for assistance in obtaining updates.

Customers must ensure their devices have sufficient memory and that new releases support current configurations.

This advisory is part of Cisco’s October 2024 semiannual security publication, including multiple ASA, FMC, and FTD Software advisories.

Users must regularly consult Cisco’s Security Advisories page for comprehensive exposure assessments and upgrade solutions.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

4 hours ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

4 hours ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

4 hours ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

4 hours ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

7 hours ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

8 hours ago