Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
Recent assessments:
gwillcox-r7 at November 22, 2020 3:17am UTC reported:
Reported as exploited in the wild as part of Google's 2020 0day vulnerability spreadsheet they made available at <https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786>. Original tweet announcing this spreadsheet with the 2020 findings can be found at <https://twitter.com/maddiestone/status/1329837665378725888>.
Assessed Attacker Value: 0
blogs.cisco.com/security/shadow-brokers
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516
www.securityfocus.com/bid/92520
www.securitytracker.com/id/1036636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6367
github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip
www.exploit-db.com/exploits/40271