Executive Summary



This alert is flagged as a CWE/SANS Top 25 Common Weakness Enumeration entry.
Summary
Title: Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability
Information
Name: cisco-sa-20180620-firepwr-pt
First vendor publication: 2018-06-20
Vendor: Cisco
Last vendor modification: 2018-06-20
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: N/A
Base score: N/A
Environmental score: N/A
Impact subscore: N/A
Temporal score: N/A
Exploitability subscore: N/A

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS base score: 9
Attack range: Network
CVSS impact score: 10
Attack complexity: Low
CVSS exploit score: 8
Authentication: Requires single instance

Detail

A vulnerability in the process of uploading new application images to the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device.

The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges.

Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit.
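The ordering problem described above (file paths acted on before the signature is checked) can be illustrated with an added example; it is not Cisco's code. It assumes the image is a tar archive and uses an HMAC as a stand-in for the real signature check; `build_image`, `sign`, `safe_install` and `KEY` are hypothetical names. The installer verifies first, validates every entry path, and only then writes.

```python
import hashlib
import hmac
import io
import os
import tarfile

# Assumptions (not from the advisory): the image is a tar archive, and an
# HMAC-SHA256 tag stands in for the vendor's real signature verification.
KEY = b"constructed-demo-key"

def build_image(entries):
    """Build a constructed in-memory tar image from {name: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in entries.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def sign(image):
    """Authenticity tag over the whole image (stand-in for a signature)."""
    return hmac.new(KEY, image, hashlib.sha256).digest()

def safe_install(image, tag, dest):
    """Verify first, validate every entry path, and only then write files."""
    if not hmac.compare_digest(sign(image), tag):
        raise ValueError("signature check failed; nothing written")
    root = os.path.realpath(dest)
    with tarfile.open(fileobj=io.BytesIO(image)) as tar:
        members = tar.getmembers()
        for m in members:  # pass 1: reject the whole image on any bad entry
            if not (m.isfile() or m.isdir()):
                raise ValueError(f"unsupported entry type: {m.name}")
            target = os.path.realpath(os.path.join(root, m.name))
            if os.path.commonpath([root, target]) != root:
                raise ValueError(f"entry escapes install directory: {m.name}")
        written = []
        for m in members:  # pass 2: write only after everything passed
            if m.isfile():
                target = os.path.join(root, m.name)
                os.makedirs(os.path.dirname(target), exist_ok=True)
                with open(target, "wb") as out:
                    out.write(tar.extractfile(m).read())
                written.append(os.path.relpath(target, root))
    return sorted(written)
```

Because validation is a complete pass before any write, an image with one traversing entry leaves the destination untouched, and link entries are rejected outright rather than followed.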

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt

This advisory is part of the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection, which includes 24 Cisco Security Advisories that describe 24 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-67770).


Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type Description Count
Os 1

Alert History

Date Information
2018-08-21 00:21:46
  • Multiple Updates
2018-06-21 17:21:16
  • Multiple Updates
2018-06-20 21:19:20
  • First insertion