Cisco Firepower Device Manager Software Flaw Let Attackers Execute Remote Code

A vulnerability tracked as (CVE-2021-1518) rated medium severity, found in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, might allow an attacker to execute arbitrary code on the underlying operating system of an affected device.

The flaw has a CVSS score of 6.3, reported by security researchers of Positive Technologies, Nikita Abramov, and Mikhail Klyuchnikov.

To exploit this vulnerability, an attacker sends a crafted HTTP request to the API subsystem of an affected device. The flaw could be exploited by an attacker having valid user credentials.

According to the report, “This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device.”

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

The report says this vulnerability affected Cisco FDM On-Box Software. Cisco mentions it’s not aware of the vulnerability being exploited in the wild.

Fixes for the Vulnerability

Cisco software releases and the fixes for the vulnerability:

Cisco advised its customers to frequently consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

Furthermore, customers should make sure the devices that are upgraded, include sufficient memory and verify that current hardware and software configurations will continue to be supported properly by the new release.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Novel Chinese Browser Injector Lets Hackers Intercept Web Traffic

Hackers exploit browser injectors to manipulate web content, steal sensitive information, and hijack user sessions.…

11 hours ago

MediSecure Data Breach: 12.9 Million Australian Users’ Sensitive Data Hacked

In one of the largest cyber breaches in Australian history, MediSecure, a former provider of…

12 hours ago

Cybercriminals Heavily Preparing For 2024 Paris Olympic Games Based Attacks

Major sporting events with massive online audiences, like the World Cup and Olympics, have become…

13 hours ago

BadPack APK Malware Using Wired Trick to Attack Users & Stay Undetected

Hackers often exploit the APK packers to hide malicious codes within Android applications. This will…

13 hours ago

New VPN Port Shadow Vulnerability Let Hackers Intercept Encrypted Traffic

Researchers examined how connection tracking, a fundamental function in operating systems, can be exploited to…

14 hours ago

INTERPOL Taken Down West African Organized Crime Groups

Operation Jackal III has successfully targeted West African organized crime groups, including the notorious Black…

16 hours ago