Rewterz

Rewterz Threat Alert – Emissary Panda APT

October 2, 2019
Rewterz

Rewterz Threat Advisory – Cisco Firepower Management Center SQL Injection Vulnerabilities

October 3, 2019

Rewterz Threat Advisory – CVE-2019-12689 – Cisco Firepower Management Center Remote Code Execution Vulnerability

Severity

High

Analysis Summary

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device.

Impact

Execution of arbitrary code

Affected Vendors

Cisco

Affected Products

Cisco FMC Software

Remediation

Please see vendor’s advisory for more details.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-rce-12689

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.