Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisa_kevCISACISA-KEV-CVE-2024-20359
HistoryApr 24, 2024 - 12:00 a.m.

Cisco ASA and FTD Privilege Escalation Vulnerability

2024-04-2400:00:00
CISA
www.cisa.gov
81
cisco
asa
ftd
privilege escalation
vulnerability
local
administrator
root

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

47.8%

JSON

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.

Related

vulnrichment 1
nessus 2
githubexploit 1
cvelist 1
attackerkb 1
cisco 1
nvd 1
cve 1
thn 2
qualysblog 1
talosblog 2
vulnrichment
vulnrichment
CVE-2024-20359
2024-04-24 18:16:49
nessus
nessus
Cisco Adaptive Security Appliance Software Privilege Escalation (cisco-sa-asaftd-persist-rce-FLsNXF4h)
2024-04-25 00:00:00
Cisco Firepower Threat Defense Software Privilege Escalation (cisco-sa-asaftd-persist-rce-FLsNXF4h)
2024-04-25 00:00:00
githubexploit
githubexploit
Exploit for Code Injection in Cisco Adaptive Security Appliance Software
2024-05-04 10:40:22
cvelist
cvelist
CVE-2024-20359
2024-04-24 18:16:49
attackerkb
attackerkb
CVE-2024-20359
2024-04-24 00:00:00
cisco
cisco
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability
2024-04-24 16:00:00
nvd
nvd
CVE-2024-20359
2024-04-24 19:15:46
cve
cve
CVE-2024-20359
2024-04-24 19:15:46
thn
thn
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
2024-05-06 13:47:00
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
2024-04-25 05:50:00
qualysblog
qualysblog
ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters
2024-04-24 22:55:49
talosblog
talosblog
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
2024-04-24 15:54:39
Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs
2024-07-10 10:00:33

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

47.8%

JSON
Related for CISA-KEV-CVE-2024-20359
vulnrichment1nessus2githubexploit1cvelist1attackerkb1cisco1nvd1cve1thn2qualysblog1talosblog2