Thursday, July 25, 2024

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software’s web-based management interface.

This vulnerability could potentially allow authenticated, remote attackers to conduct SQL injection attacks on affected systems.

This vulnerability, tracked as CVE-2024-20360, poses significant risks, including unauthorized data access, command execution on the underlying operating system, and privilege escalation to root.

Vulnerability Details – CVE-2024-20360

The vulnerability exists due to inadequate user input validation within the web-based management interface of Cisco FMC Software.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

An attacker with at least Read Only user credentials can exploit this flaw by sending crafted SQL queries to the affected system.

Successful exploitation could lead to severe consequences, such as:

  • Obtaining any data from the database
  • Executing arbitrary commands on the underlying operating system
  • Elevating privileges to root

This vulnerability affects devices running a vulnerable release of Cisco FMC Software, regardless of the device configuration.

Cisco has confirmed that Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are unaffected by this vulnerability.

Mitigation and Fixed Software

Cisco has released software updates to address this critical vulnerability.

No workarounds are available, so users need to apply the updates promptly.

Customers with service contracts can obtain the necessary security fixes through their usual update channels.

Those without service contracts can contact the Cisco Technical Assistance Center (TAC).

Users are advised to consult the official Cisco Security Advisory for detailed information on the affected software releases and the fixed versions.

Cisco strongly recommends that all users of affected Cisco FMC Software versions upgrade to the fixed software releases to mitigate the risks associated with this vulnerability.

Users should ensure their devices have sufficient memory and that current hardware and software configurations are compatible with the new release.

For further assistance and to determine their exposure to vulnerabilities, users can utilize the Cisco Software Checker tool, which is available on the Cisco website.

The discovery of CVE-2024-20360 underscores the importance of regular software updates and vigilant security practices.

Organizations using Cisco FMC Software should act swiftly to apply the necessary updates and protect their systems from potential exploitation.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers


Latest articles

Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

Researchers have uncovered a vulnerability in Microsoft's Windows Hello for Business (WHfB) that allows...

LummaC2 Malware Using Steam Gaming Platform as C2 Server

Cybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the...

Ukraine Hackers Hit Major Russian banks with DDoS attacks

Several prominent Russian bank clients experienced issues with their mobile apps and websites. According...

ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents

A rudimentary ransomware targets Turkish businesses through phishing emails with ".ru" domain sender addresses....

BreachForumsV1 Database Leaked: Private messages, Emails & IP Exposed

BreachForumsV1, a notorious online platform for facilitating illegal activities, has reportedly suffered a massive...

250 Million Hamster Kombat Players Targeted Via Android And Windows Malware

Despite having simple gameplay, the new Telegram clicker game Hamster Kombat has become very...

Beware Of Malicious Python Packages That Steal Users Sensitive Data

Malicious Python packages uploaded by "dsfsdfds" to PyPI infiltrated user systems by exfiltrating sensitive...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles