Cisco ASA SSH Flaw Leaves Devices Vulnerable


    Cisco issued a critical advisory for a vulnerability in its Adaptive Security Appliance (ASA) Software that could let remote attackers execute commands with root privileges. The flaw, CVE-2024-20329, affects devices with the CiscoSSH stack enabled.

    CVE-2024-20329

    The vulnerability stems from insufficient validation of user input in the Secure Shell (SSH) subsystem. An attacker can exploit this flaw by sending specially crafted input during remote command execution over SSH.

    If the attack is successful, the attacker can execute commands on the underlying operating system with root privileges, which may allow them to gain complete control over the affected system.

    This level of access poses serious security risks, as it could enable unauthorized data access, system manipulation, or further attacks on connected systems.

    This critical vulnerability, with a CVSS score of 9.9, poses risks to confidentiality, integrity, and availability. Attackers with limited user privileges could exploit it to escalate their access and compromise the entire system. It affects Cisco products running vulnerable ASA Software with SSH access enabled on at least one interface.

    To check if your device is affected, run the command "show running-config | include ssh" and look for "ssh stack ciscossh" in the configuration.
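
    The check above can be run offline against saved command output from many devices. The following is an added example, not code from Cisco or from this article; it assumes the standard ASA access-rule form "ssh <address> <mask> <interface>", and the sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of "show running-config | include ssh" output (not from a real device).
SAMPLE_OUTPUT = """\
ssh stack ciscossh
ssh stricthostkeycheck
ssh timeout 5
ssh key-exchange group dh-group14-sha256
ssh 10.10.0.0 255.255.255.0 management
ssh 0.0.0.0 0.0.0.0 outside
"""


def _source_network(tokens):
    """Return the permitted network for an SSH access line, or None for other ssh settings."""
    try:
        if len(tokens) == 4:  # ssh <address> <mask> <interface>
            return ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}", strict=False)
        if len(tokens) == 3 and "/" in tokens[1]:  # ssh <ipv6>/<prefix> <interface>
            return ipaddress.ip_network(tokens[1], strict=False)
    except ValueError:
        pass  # e.g. "ssh key-exchange group ..." is a setting, not an access rule
    return None


def audit_ssh_config(text):
    """Report whether both conditions named in the article hold for one device."""
    ciscossh = False
    access = []  # (interface, permitted source network)
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0] != "ssh":
            continue  # ignores "no ssh ..." and unrelated lines
        if tokens[1:] == ["stack", "ciscossh"]:
            ciscossh = True
            continue
        network = _source_network(tokens)
        if network is not None:
            access.append((tokens[-1], network))
    return {
        "ciscossh_enabled": ciscossh,
        "ssh_interfaces": sorted({ifc for ifc, _ in access}),
        "open_to_any_source": sorted({ifc for ifc, net in access if net.prefixlen == 0}),
        "needs_attention": ciscossh and bool(access),
    }


if __name__ == "__main__":
    print(audit_ssh_config(SAMPLE_OUTPUT))
```

    A device flagged with needs_attention matches both conditions in the article (CiscoSSH stack enabled and SSH permitted on at least one interface); the open_to_any_source list helps decide which devices to patch first.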

    Cisco has released software updates to fix this vulnerability, and customers are urged to upgrade to the patched versions promptly.

    For those unable to update immediately, a workaround is to disable the CiscoSSH stack with the command "no ssh stack ciscossh". Note that this may disrupt active SSH sessions and should be tested for compatibility in your environment.

    Cisco offers free software updates for customers with service contracts. Those without contracts can contact the Cisco Technical Assistance Center (TAC) for help in obtaining updates.

    Customers need to make sure their devices have enough memory and that new releases are compatible with their current setups.

    This advisory is part of Cisco’s October 2024 security publication, which includes several advisories for ASA, FMC, and FTD Software.

    Users should regularly check Cisco’s Security Advisories page for updates on vulnerabilities and upgrade options.

    October 25th, 2024

    About the Author:

    FirstHackersNews- Identifies Security
