CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.

This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

Published: Apr 24, 2024
Updated: Apr 27, 2024
CVE: CVE-2024-20359
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
cisco / adaptive_security_appliance_software	9.16.1	9.16.1.x
cisco / adaptive_security_appliance_software	9.8.2	9.8.2.x
cisco / adaptive_security_appliance_software	9.8.3.18	9.8.3.18.x
cisco / adaptive_security_appliance_software	9.8.3.26	9.8.3.26.x
cisco / adaptive_security_appliance_software	9.12.2	9.12.2.x
cisco / adaptive_security_appliance_software	9.8.2.24	9.8.2.24.x
cisco / adaptive_security_appliance_software	9.8.3.16	9.8.3.16.x
cisco / adaptive_security_appliance_software	9.8.4.29	9.8.4.29.x
cisco / adaptive_security_appliance_software	9.12.2.5	9.12.2.5.x
cisco / adaptive_security_appliance_software	9.12.4.4	9.12.4.4.x
cisco / adaptive_security_appliance_software	9.8.2.20	9.8.2.20.x
cisco / adaptive_security_appliance_software	9.8.4	9.8.4.x
cisco / adaptive_security_appliance_software	9.8.4.26	9.8.4.26.x
cisco / adaptive_security_appliance_software	9.14.1.30	9.14.1.30.x
cisco / adaptive_security_appliance_software	9.14.1.15	9.14.1.15.x
cisco / adaptive_security_appliance_software	9.8.2.26	9.8.2.26.x
cisco / adaptive_security_appliance_software	9.8.2.28	9.8.2.28.x
cisco / adaptive_security_appliance_software	9.8.2.33	9.8.2.33.x
cisco / adaptive_security_appliance_software	9.8.2.35	9.8.2.35.x
cisco / adaptive_security_appliance_software	9.8.2.38	9.8.2.38.x
cisco / adaptive_security_appliance_software	9.8.4.8	9.8.4.8.x
cisco / adaptive_security_appliance_software	9.8.4.10	9.8.4.10.x
cisco / adaptive_security_appliance_software	9.8.4.12	9.8.4.12.x
cisco / adaptive_security_appliance_software	9.8.4.15	9.8.4.15.x
cisco / adaptive_security_appliance_software	9.8.4.45	9.8.4.45.x
cisco / adaptive_security_appliance_software	9.12.3.2	9.12.3.2.x
cisco / adaptive_security_appliance_software	9.12.3.7	9.12.3.7.x
cisco / adaptive_security_appliance_software	9.12.4	9.12.4.x
cisco / adaptive_security_appliance_software	9.12.3.12	9.12.3.12.x
cisco / adaptive_security_appliance_software	9.12.4.37	9.12.4.37.x
cisco / adaptive_security_appliance_software	9.12.4.38	9.12.4.38.x
cisco / adaptive_security_appliance_software	9.12.4.39	9.12.4.39.x
cisco / adaptive_security_appliance_software	9.14.2	9.14.2.x
cisco / adaptive_security_appliance_software	9.14.2.4	9.14.2.4.x
cisco / adaptive_security_appliance_software	9.14.2.8	9.14.2.8.x
cisco / adaptive_security_appliance_software	9.14.2.13	9.14.2.13.x
cisco / adaptive_security_appliance_software	9.14.2.15	9.14.2.15.x
cisco / adaptive_security_appliance_software	9.15.1.15	9.15.1.15.x
cisco / adaptive_security_appliance_software	9.15.1.16	9.15.1.16.x
cisco / adaptive_security_appliance_software	9.15.1.17	9.15.1.17.x
cisco / adaptive_security_appliance_software	9.15.1.1	9.15.1.1.x
cisco / adaptive_security_appliance_software	9.8.4.25	9.8.4.25.x
cisco / adaptive_security_appliance_software	9.17.1	9.17.1.x
cisco / adaptive_security_appliance_software	9.8.1	9.8.1.x
cisco / adaptive_security_appliance_software	9.8.2.17	9.8.2.17.x
cisco / adaptive_security_appliance_software	9.8.3.11	9.8.3.11.x
cisco / adaptive_security_appliance_software	9.8.3.29	9.8.3.29.x
cisco / adaptive_security_appliance_software	9.8.4.3	9.8.4.3.x
cisco / adaptive_security_appliance_software	9.8.4.20	9.8.4.20.x
cisco / adaptive_security_appliance_software	9.8.4.41	9.8.4.41.x
cisco / adaptive_security_appliance_software	9.8.4.44	9.8.4.44.x
cisco / adaptive_security_appliance_software	9.12.3	9.12.3.x
cisco / adaptive_security_appliance_software	9.12.3.9	9.12.3.9.x
cisco / adaptive_security_appliance_software	9.12.4.26	9.12.4.26.x
cisco / adaptive_security_appliance_software	9.12.4.30	9.12.4.30.x
cisco / adaptive_security_appliance_software	9.14.1.10	9.14.1.10.x
cisco / adaptive_security_appliance_software	9.14.1.19	9.14.1.19.x
cisco / adaptive_security_appliance_software	9.14.3	9.14.3.x
cisco / adaptive_security_appliance_software	9.14.3.9	9.14.3.9.x
cisco / adaptive_security_appliance_software	9.15.1	9.15.1.x
cisco / adaptive_security_appliance_software	9.15.1.10	9.15.1.10.x
cisco / adaptive_security_appliance_software	9.15.1.21	9.15.1.21.x
cisco / adaptive_security_appliance_software	9.16.1.28	9.16.1.28.x
cisco / adaptive_security_appliance_software	9.17.1.7	9.17.1.7.x
cisco / adaptive_security_appliance_software	9.16.3.14	9.16.3.14.x
cisco / adaptive_security_appliance_software	9.16.4	9.16.4.x
cisco / adaptive_security_appliance_software	9.18.2.5	9.18.2.5.x
cisco / adaptive_security_appliance_software	9.17.1.10	9.17.1.10.x
cisco / adaptive_security_appliance_software	9.17.1.13	9.17.1.13.x
cisco / adaptive_security_appliance_software	9.18.1	9.18.1.x
cisco / adaptive_security_appliance_software	9.18.1.3	9.18.1.3.x
cisco / adaptive_security_appliance_software	9.8.1.7	9.8.1.7.x
cisco / adaptive_security_appliance_software	9.8.2.8	9.8.2.8.x
cisco / adaptive_security_appliance_software	9.8.2.14	9.8.2.14.x
cisco / adaptive_security_appliance_software	9.8.3.21	9.8.3.21.x
cisco / adaptive_security_appliance_software	9.8.3	9.8.3.x
cisco / adaptive_security_appliance_software	9.8.4.32	9.8.4.32.x
cisco / adaptive_security_appliance_software	9.8.4.33	9.8.4.33.x
cisco / adaptive_security_appliance_software	9.8.4.34	9.8.4.34.x
cisco / adaptive_security_appliance_software	9.8.4.35	9.8.4.35.x
cisco / adaptive_security_appliance_software	9.8.4.39	9.8.4.39.x
cisco / adaptive_security_appliance_software	9.12.1	9.12.1.x
cisco / adaptive_security_appliance_software	9.12.1.2	9.12.1.2.x
cisco / adaptive_security_appliance_software	9.12.1.3	9.12.1.3.x
cisco / adaptive_security_appliance_software	9.12.4.10	9.12.4.10.x
cisco / adaptive_security_appliance_software	9.12.4.13	9.12.4.13.x
cisco / adaptive_security_appliance_software	9.12.4.8	9.12.4.8.x
cisco / adaptive_security_appliance_software	9.12.4.18	9.12.4.18.x
cisco / adaptive_security_appliance_software	9.14.1	9.14.1.x
cisco / adaptive_security_appliance_software	9.14.3.13	9.14.3.13.x
cisco / adaptive_security_appliance_software	9.14.3.18	9.14.3.18.x
cisco / adaptive_security_appliance_software	9.14.3.15	9.14.3.15.x
cisco / adaptive_security_appliance_software	9.14.4	9.14.4.x
cisco / adaptive_security_appliance_software	9.16.2.3	9.16.2.3.x
cisco / adaptive_security_appliance_software	9.16.2.7	9.16.2.7.x
cisco / adaptive_security_appliance_software	9.16.2.11	9.16.2.11.x
cisco / adaptive_security_appliance_software	9.16.2.13	9.16.2.13.x
cisco / adaptive_security_appliance_software	9.16.2.14	9.16.2.14.x
cisco / adaptive_security_appliance_software	9.14.4.7	9.14.4.7.x
cisco / adaptive_security_appliance_software	9.14.4.12	9.14.4.12.x
cisco / adaptive_security_appliance_software	9.17.1.11	9.17.1.11.x
cisco / adaptive_security_appliance_software	9.17.1.15	9.17.1.15.x
cisco / adaptive_security_appliance_software	9.8.4.22	9.8.4.22.x
cisco / adaptive_security_appliance_software	9.12.4.2	9.12.4.2.x
cisco / adaptive_security_appliance_software	9.17.1.9	9.17.1.9.x
cisco / adaptive_security_appliance_software	9.8.1.5	9.8.1.5.x
cisco / adaptive_security_appliance_software	9.8.2.15	9.8.2.15.x
cisco / adaptive_security_appliance_software	9.8.3.8	9.8.3.8.x
cisco / adaptive_security_appliance_software	9.8.3.14	9.8.3.14.x
cisco / adaptive_security_appliance_software	9.8.4.7	9.8.4.7.x
cisco / adaptive_security_appliance_software	9.8.4.17	9.8.4.17.x
cisco / adaptive_security_appliance_software	9.8.4.40	9.8.4.40.x
cisco / adaptive_security_appliance_software	9.8.4.43	9.8.4.43.x
cisco / adaptive_security_appliance_software	9.12.2.4	9.12.2.4.x
cisco / adaptive_security_appliance_software	9.12.2.9	9.12.2.9.x
cisco / adaptive_security_appliance_software	9.12.2.1	9.12.2.1.x
cisco / adaptive_security_appliance_software	9.12.4.7	9.12.4.7.x
cisco / adaptive_security_appliance_software	9.12.4.24	9.12.4.24.x
cisco / adaptive_security_appliance_software	9.12.4.29	9.12.4.29.x
cisco / adaptive_security_appliance_software	9.12.4.35	9.12.4.35.x
cisco / adaptive_security_appliance_software	9.14.1.6	9.14.1.6.x
cisco / adaptive_security_appliance_software	9.14.3.1	9.14.3.1.x
cisco / adaptive_security_appliance_software	9.14.3.11	9.14.3.11.x
cisco / adaptive_security_appliance_software	9.14.4.6	9.14.4.6.x
cisco / adaptive_security_appliance_software	9.15.1.7	9.15.1.7.x
cisco / adaptive_security_appliance_software	9.16.2	9.16.2.x
cisco / adaptive_security_appliance_software	9.16.3.3	9.16.3.3.x
cisco / adaptive_security_appliance_software	9.16.3	9.16.3.x
cisco / adaptive_security_appliance_software	9.18.2	9.18.2.x
cisco / adaptive_security_appliance_software	9.8.4.48	9.8.4.48.x
cisco / adaptive_security_appliance_software	9.8.4.46	9.8.4.46.x
cisco / adaptive_security_appliance_software	9.19.1.9	9.19.1.9.x
cisco / adaptive_security_appliance_software	9.19.1.5	9.19.1.5.x
cisco / adaptive_security_appliance_software	9.19.1.18	9.19.1.18.x
cisco / adaptive_security_appliance_software	9.19.1.12	9.19.1.12.x
cisco / adaptive_security_appliance_software	9.19.1	9.19.1.x
cisco / adaptive_security_appliance_software	9.18.3.55	9.18.3.55.x
cisco / adaptive_security_appliance_software	9.18.3.53	9.18.3.53.x
cisco / adaptive_security_appliance_software	9.18.3.46	9.18.3.46.x
cisco / adaptive_security_appliance_software	9.18.3.39	9.18.3.39.x
cisco / adaptive_security_appliance_software	9.18.3	9.18.3.x
cisco / adaptive_security_appliance_software	9.18.2.8	9.18.2.8.x
cisco / adaptive_security_appliance_software	9.18.2.7	9.18.2.7.x
cisco / adaptive_security_appliance_software	9.17.1.30	9.17.1.30.x
cisco / adaptive_security_appliance_software	9.17.1.20	9.17.1.20.x
cisco / adaptive_security_appliance_software	9.16.4.9	9.16.4.9.x
cisco / adaptive_security_appliance_software	9.16.4.38	9.16.4.38.x
cisco / adaptive_security_appliance_software	9.16.4.27	9.16.4.27.x
cisco / adaptive_security_appliance_software	9.16.4.19	9.16.4.19.x
cisco / adaptive_security_appliance_software	9.16.4.18	9.16.4.18.x
cisco / adaptive_security_appliance_software	9.16.4.14	9.16.4.14.x
cisco / adaptive_security_appliance_software	9.16.3.23	9.16.3.23.x
cisco / adaptive_security_appliance_software	9.16.3.19	9.16.3.19.x
cisco / adaptive_security_appliance_software	9.16.3.15	9.16.3.15.x
cisco / adaptive_security_appliance_software	9.14.4.23	9.14.4.23.x
cisco / adaptive_security_appliance_software	9.14.4.22	9.14.4.22.x
cisco / adaptive_security_appliance_software	9.14.4.17	9.14.4.17.x
cisco / adaptive_security_appliance_software	9.14.4.15	9.14.4.15.x
cisco / adaptive_security_appliance_software	9.14.4.14	9.14.4.14.x
cisco / adaptive_security_appliance_software	9.14.4.13	9.14.4.13.x
cisco / adaptive_security_appliance_software	9.12.4.58	9.12.4.58.x
cisco / adaptive_security_appliance_software	9.12.4.56	9.12.4.56.x
cisco / adaptive_security_appliance_software	9.12.4.55	9.12.4.55.x
cisco / adaptive_security_appliance_software	9.12.4.54	9.12.4.54.x
cisco / adaptive_security_appliance_software	9.12.4.52	9.12.4.52.x
cisco / adaptive_security_appliance_software	9.12.4.50	9.12.4.50.x
cisco / adaptive_security_appliance_software	9.12.4.48	9.12.4.48.x
cisco / adaptive_security_appliance_software	9.12.4.47	9.12.4.47.x
cisco / adaptive_security_appliance_software	9.12.4.41	9.12.4.41.x
cisco / adaptive_security_appliance_software	9.12.4.40	9.12.4.40.x
cisco / adaptive_security_appliance_software	9.12.4.62	9.12.4.62.x
cisco / adaptive_security_appliance_software	9.12.4.65	9.12.4.65.x
cisco / adaptive_security_appliance_software	9.16.4.39	9.16.4.39.x
cisco / adaptive_security_appliance_software	9.16.4.42	9.16.4.42.x
cisco / adaptive_security_appliance_software	9.16.4.48	9.16.4.48.x
cisco / adaptive_security_appliance_software	9.16.4.55	9.16.4.55.x
cisco / adaptive_security_appliance_software	9.17.1.33	9.17.1.33.x
cisco / adaptive_security_appliance_software	9.18.3.56	9.18.3.56.x
cisco / adaptive_security_appliance_software	9.18.4	9.18.4.x
cisco / adaptive_security_appliance_software	9.18.4.5	9.18.4.5.x
cisco / adaptive_security_appliance_software	9.18.4.8	9.18.4.8.x
cisco / adaptive_security_appliance_software	9.19.1.22	9.19.1.22.x
cisco / adaptive_security_appliance_software	9.19.1.24	9.19.1.24.x
cisco / adaptive_security_appliance_software	9.19.1.27	9.19.1.27.x
cisco / adaptive_security_appliance_software	9.20.1	9.20.1.x
cisco / adaptive_security_appliance_software	9.20.1.5	9.20.1.5.x
cisco / adaptive_security_appliance_software	9.20.2	9.20.2.x
cisco / firepower_threat_defense	6.2.3	6.2.3.x
cisco / firepower_threat_defense	6.2.3.1	6.2.3.1.x
cisco / firepower_threat_defense	6.4.0	6.4.0.x
cisco / firepower_threat_defense	6.2.3.13	6.2.3.13.x
cisco / firepower_threat_defense	6.2.3.14	6.2.3.14.x
cisco / firepower_threat_defense	6.2.3.15	6.2.3.15.x
cisco / firepower_threat_defense	6.2.3.12	6.2.3.12.x
cisco / firepower_threat_defense	6.6.0.1	6.6.0.1.x
cisco / firepower_threat_defense	6.6.0	6.6.0.x
cisco / firepower_threat_defense	7.1.0	7.1.0.x
cisco / firepower_threat_defense	7.0.0	7.0.0.x
cisco / firepower_threat_defense	6.7.0	6.7.0.x
cisco / firepower_threat_defense	7.2.0.1	7.2.0.1.x
cisco / firepower_threat_defense	7.0.1	7.0.1.x
cisco / firepower_threat_defense	7.0.0.1	7.0.0.1.x
cisco / firepower_threat_defense	7.0.1.1	7.0.1.1.x
cisco / firepower_threat_defense	7.0.2	7.0.2.x
cisco / firepower_threat_defense	7.0.2.1	7.0.2.1.x
cisco / firepower_threat_defense	7.0.3	7.0.3.x
cisco / firepower_threat_defense	7.0.4	7.0.4.x
cisco / firepower_threat_defense	6.6.1	6.6.1.x
cisco / firepower_threat_defense	6.6.3	6.6.3.x
cisco / firepower_threat_defense	6.6.4	6.6.4.x
cisco / firepower_threat_defense	6.6.5	6.6.5.x
cisco / firepower_threat_defense	6.6.5.1	6.6.5.1.x
cisco / firepower_threat_defense	6.6.5.2	6.6.5.2.x
cisco / firepower_threat_defense	7.1.0.1	7.1.0.1.x
cisco / firepower_threat_defense	7.1.0.2	7.1.0.2.x
cisco / firepower_threat_defense	7.2.0	7.2.0.x
cisco / firepower_threat_defense	6.2.3.2	6.2.3.2.x
cisco / firepower_threat_defense	6.2.3.3	6.2.3.3.x
cisco / firepower_threat_defense	6.2.3.4	6.2.3.4.x
cisco / firepower_threat_defense	6.2.3.5	6.2.3.5.x
cisco / firepower_threat_defense	6.2.3.6	6.2.3.6.x
cisco / firepower_threat_defense	6.2.3.7	6.2.3.7.x
cisco / firepower_threat_defense	6.2.3.8	6.2.3.8.x
cisco / firepower_threat_defense	6.2.3.10	6.2.3.10.x
cisco / firepower_threat_defense	6.2.3.11	6.2.3.11.x
cisco / firepower_threat_defense	6.2.3.9	6.2.3.9.x
cisco / firepower_threat_defense	6.2.3.16	6.2.3.16.x
cisco / firepower_threat_defense	6.2.3.17	6.2.3.17.x
cisco / firepower_threat_defense	6.2.3.18	6.2.3.18.x
cisco / firepower_threat_defense	6.4.0.1	6.4.0.1.x
cisco / firepower_threat_defense	6.4.0.3	6.4.0.3.x
cisco / firepower_threat_defense	6.4.0.2	6.4.0.2.x
cisco / firepower_threat_defense	6.4.0.4	6.4.0.4.x
cisco / firepower_threat_defense	6.4.0.5	6.4.0.5.x
cisco / firepower_threat_defense	6.4.0.6	6.4.0.6.x
cisco / firepower_threat_defense	6.4.0.7	6.4.0.7.x
cisco / firepower_threat_defense	6.4.0.8	6.4.0.8.x
cisco / firepower_threat_defense	6.4.0.9	6.4.0.9.x
cisco / firepower_threat_defense	6.4.0.10	6.4.0.10.x
cisco / firepower_threat_defense	6.4.0.11	6.4.0.11.x
cisco / firepower_threat_defense	6.4.0.12	6.4.0.12.x
cisco / firepower_threat_defense	6.4.0.13	6.4.0.13.x
cisco / firepower_threat_defense	6.4.0.14	6.4.0.14.x
cisco / firepower_threat_defense	6.7.0.1	6.7.0.1.x
cisco / firepower_threat_defense	6.7.0.2	6.7.0.2.x
cisco / firepower_threat_defense	6.7.0.3	6.7.0.3.x
cisco / firepower_threat_defense	6.6.7	6.6.7.x
cisco / firepower_threat_defense	7.2.1	7.2.1.x
cisco / firepower_threat_defense	7.2.2	7.2.2.x
cisco / firepower_threat_defense	7.2.3	7.2.3.x
cisco / firepower_threat_defense	7.3.1.1	7.3.1.1.x
cisco / firepower_threat_defense	7.3.1	7.3.1.x
cisco / firepower_threat_defense	7.3.0	7.3.0.x
cisco / firepower_threat_defense	7.2.5	7.2.5.x
cisco / firepower_threat_defense	7.2.4.1	7.2.4.1.x
cisco / firepower_threat_defense	7.2.4	7.2.4.x
cisco / firepower_threat_defense	7.1.0.3	7.1.0.3.x
cisco / firepower_threat_defense	7.0.6	7.0.6.x
cisco / firepower_threat_defense	7.0.5	7.0.5.x
cisco / firepower_threat_defense	6.6.7.1	6.6.7.1.x
cisco / firepower_threat_defense	6.4.0.16	6.4.0.16.x
cisco / firepower_threat_defense	6.4.0.15	6.4.0.15.x
cisco / firepower_threat_defense	6.4.0.17	6.4.0.17.x
cisco / firepower_threat_defense	7.0.6.1	7.0.6.1.x
cisco / firepower_threat_defense	7.2.5.1	7.2.5.1.x
cisco / firepower_threat_defense	7.4.0	7.4.0.x
cisco / firepower_threat_defense	7.4.1	7.4.1.x

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h

Vulnerability Database

289,598

CVE-2024-20359