
Cisco Firepower Device Manager Software Flaw Let Attackers Execute Remote Code

A vulnerability tracked as CVE-2021-1518 and rated medium severity, found in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, could allow an attacker to execute arbitrary code on the underlying operating system of an affected device.

The flaw has a CVSS score of 6.3 and was reported by Positive Technologies security researchers Nikita Abramov and Mikhail Klyuchnikov.

To exploit this vulnerability, an attacker sends a crafted HTTP request to the API subsystem of an affected device. An attacker would need valid user credentials to exploit the flaw.

According to the report, “This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device.”

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

According to the report, the vulnerability affects Cisco FDM On-Box Software. Cisco says it is not aware of the vulnerability being exploited in the wild.

Fixes for the Vulnerability

Cisco software releases and the fixes for the vulnerability:

Cisco advised its customers to consult the advisories for Cisco products regularly, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

Furthermore, customers should make sure that the devices to be upgraded have sufficient memory, and verify that current hardware and software configurations will continue to be supported properly by the new release.


Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
