Rewterz Threat Advisory – CVE-2021-1488 – Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software command execution

Severity

Medium

Analysis Summary

CVE-2021-1488

A vulnerability in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software, caused by improper input validation, could allow a local authenticated attacker to execute arbitrary commands on the system. By uploading a specially crafted upgrade package file, an attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the underlying OS.

Impact

Execution of arbitrary commands

Affected Vendors

Cisco

Affected Products

  • Cisco Adaptive Security Appliance (ASA) Software
  • Cisco Firepower Threat Defense (FTD) Software

Remediation

Refer to the Cisco advisory for the complete list of affected products and their respective patches.

Cisco Security Advisory cisco-sa-asa-cmdinj-TKyQfDcU