Saturday, June 15, 2024

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software’s web-based management interface.

This vulnerability could potentially allow authenticated, remote attackers to conduct SQL injection attacks on affected systems.

This vulnerability, tracked as CVE-2024-20360, poses significant risks, including unauthorized data access, command execution on the underlying operating system, and privilege escalation to root.

Vulnerability Details – CVE-2024-20360

The vulnerability exists due to inadequate user input validation within the web-based management interface of Cisco FMC Software.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

An attacker with at least Read Only user credentials can exploit this flaw by sending crafted SQL queries to the affected system.

Successful exploitation could lead to severe consequences, such as:

  • Obtaining any data from the database
  • Executing arbitrary commands on the underlying operating system
  • Elevating privileges to root

This vulnerability affects devices running a vulnerable release of Cisco FMC Software, regardless of the device configuration.

Cisco has confirmed that Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are unaffected by this vulnerability.

Mitigation and Fixed Software

Cisco has released software updates to address this critical vulnerability.

No workarounds are available, so users need to apply the updates promptly.

Customers with service contracts can obtain the necessary security fixes through their usual update channels.

Those without service contracts can contact the Cisco Technical Assistance Center (TAC).

Users are advised to consult the official Cisco Security Advisory for detailed information on the affected software releases and the fixed versions.

Cisco strongly recommends that all users of affected Cisco FMC Software versions upgrade to the fixed software releases to mitigate the risks associated with this vulnerability.

Users should ensure their devices have sufficient memory and that current hardware and software configurations are compatible with the new release.

For further assistance and to determine their exposure to vulnerabilities, users can utilize the Cisco Software Checker tool, which is available on the Cisco website.

The discovery of CVE-2024-20360 underscores the importance of regular software updates and vigilant security practices.

Organizations using Cisco FMC Software should act swiftly to apply the necessary updates and protect their systems from potential exploitation.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles