CVE-2024-20358
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Published Apr 24, 2024
Updated: Apr 30, 2024
CWE ID 78
Summary
CVE-2024-20358 is a vulnerability affecting the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software. An authenticated, local attacker with administrator privileges can exploit this issue by restoring a maliciously crafted backup file. The vulnerability arises due to improper sanitization of the backup file's contents during restoration. Successful exploitation allows the attacker to execute arbitrary commands with root-level privileges on the underlying Linux operating system.
Affected Products
- Cisco Adaptive Security Appliance ASA Software
- Cisco Firepower Threat Defense Software
- Cisco Firepower Threat Defense
Affected Vendors
- Cisco Systems Inc