vulnerability

Cisco ASA: CVE-2022-20828: Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	2022-06-22	2022-06-28	2023-11-29

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

2022-06-22

Added

2022-06-28

Modified

2023-11-29

Description

A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user.

Solution

cisco-asa-update-latest

References

URL-https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG
CVE-2022-20828
https://attackerkb.com/topics/CVE-2022-20828

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today