—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability

Advisory ID: cisco-sa-20180620-firepwr-pt

Revision: 1.0

For Public Release: 2018 June 20 16:00 GMT

Last Updated: 2018 June 20 16:00 GMT

CVE ID(s): CVE-2018-0300

CVSS Score v(3): 7.2 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

+———————————————————————

Summary

=======

A vulnerability in the process of uploading new application images to the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device.

The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges.

Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt”]

This advisory is part of the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection, which includes 24 Cisco Security Advisories that describe 24 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection [“https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-67770”].

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJbKnqSXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczX4AP/R6akXfmHXrT3dBKMlz1L6a+9gbf
52ZwVn5444vPyHMLa0yIekrQ4pvVf5FxL00QKYpVXqyTqAY3y3ssmUFE4GFjAqt+
fxktchRYep21IT8wiOf/cZjH+DRecjKaMZ4YOJAc5Hjxht3G9X9um7S5Rp/+Sx4O
d0ffa3nE7pywqtaLqLULgvfiO1GnAICSX05hyfq4wkUcBtA5iarIjRLHUBK/UWHo
c8HDvPSoDT5MTbqR9pdj9M7WwZa1MXbcQkGnwBrxgUO9K+Djk3VN95f1tif3882S
SFf0C6fcODp+kLT4Q+ijt+uH7DvkxxvYINlHXTWCC2Z/UiE6KdJ8YTw8Gn9tkmk4
yz2A0ZGKc6iz70YcToVuwVVkkw3BNT7FutdBc3U23+K3zjjCvnZgbnwAJ3jINCEy
icHE0Np4jOmOQvS4kl6px9ht0k3l4XWEG/1HIRqMO5211HsfBEkbCXofDXzgIbVF
nx7uQUdIye6Jk6d94qeiYCVSgN2vRuRSHsQoIAgzZaqYHcAAY/q/e5zeHpbdZT7w
1r8folfZmNCNp5wt9GFGB4sXgl7CNC87UtlByL6+NhTlIYBkPrQwDszpWbKwqHEm
p98cvuz0GTRNzwczNZnvdHQ3JvGp3RfE/G/KR7WtE+pDGCwcx6wWjddt8LhF1ZHi
/xrotG2ksFy+nBdf
=8ZCH
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com