CVE-2016-6367

HIGH KEV

Cisco ASA <8.4(1) - Privilege Escalation

Title source: llm

Exploitation Summary

CVE-2016-6367 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 24, 2022. EIP tracks 1 public exploit from researchers including Shadow Brokers.

AI-analyzed exploit summary This entry is a stub pointing to an external binary exploit for CVE-2016-6367, a privilege escalation vulnerability in Cisco ASA/PIX. The actual exploit code is not provided in the text, only a link to a binary.

Description

Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.

Exploits (1)

exploitdb STUB

by Shadow Brokers · textlocalhardware

https://www.exploit-db.com/exploits/40271

View Code ZIP pw:eip

This entry is a stub pointing to an external binary exploit for CVE-2016-6367, a privilege escalation vulnerability in Cisco ASA/PIX. The actual exploit code is not provided in the text, only a link to a binary.

Classification

Stub 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Cisco ASA/PIX (versions affected by CVE-2016-6367)

Auth required

Prerequisites: Authenticated access to the Cisco ASA/PIX device · Binary exploit from the provided link

MITRE ATT&CK