CVE-2024-20329
CRITICAL
Cisco Adaptive Security Appliance Software - Authenticated Remote Code Execution via SSH CLI Command Injection
Title source: llm
Description
A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system.
Scores
CVSS v3
9.9
EPSS
0.0257
EPSS Percentile
85.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-146
Status
published
Products (27)
cisco/adaptive_security_appliance_software
9.17.1
cisco/adaptive_security_appliance_software
9.17.1.7
cisco/adaptive_security_appliance_software
9.17.1.9
cisco/adaptive_security_appliance_software
9.17.1.10
cisco/adaptive_security_appliance_software
9.17.1.11
cisco/adaptive_security_appliance_software
9.17.1.13
cisco/adaptive_security_appliance_software
9.17.1.15
cisco/adaptive_security_appliance_software
9.17.1.20
cisco/adaptive_security_appliance_software
9.17.1.30
cisco/adaptive_security_appliance_software
9.17.1.33
... and 17 more
Published
Oct 23, 2024
Tracked Since
Feb 18, 2026