India's CERT-In discovers three vulnerabilities in Cisco ASA and FTD software, allowing arbitrary commands, DoS, and potential data theft.

India's Computer Emergency Response Team (CERT-In) has discovered three serious vulnerabilities in Cisco products, including Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software. These vulnerabilities could enable hackers to execute arbitrary commands and codes, cause unexpected device reloads leading to a Denial of Service (DoS), and potentially steal data. The issue, termed as 'Command Injection Vulnerability,' arises due to improper sanitization of backup file contents at restore time.

April 27, 2024
4 Articles