Threat Alert: Critical Cisco SSH Vulnerability Allows for Complete System Takeover
INFORMATIONAL ONLY
Cisco has issued a critical security advisory warning of a vulnerability in the SSH subsystem of its Adaptive Security Appliance (ASA) Software. This vulnerability, tracked as CVE-2024-20329 and assigned a CVSS score of 9.9, could allow an authenticated, remote attacker to execute commands with root privileges, effectively taking complete control of the affected system.
The advisory notes that the vulnerability arises from “insufficient validation of user input." An attacker might take advantage of this issue by “submitting specially crafted input when executing remote CLI commands via SSH.” Consequently, even users with restricted privileges could potentially elevate their access and gain complete control.
This vulnerability affects Cisco ASA devices that are running at-risk software versions with the CiscoSSH stack enabled and SSH access allowed on at least one interface. Cisco has issued software updates to resolve this issue and strongly recommends that users upgrade to a patched version immediately. Alternatively, Cisco advises disabling the CiscoSSH stack to enable the native SSH stack as a workaround.
When the advisory was issued, Cisco PSIRT had no knowledge of any public disclosures or malicious exploitation of this vulnerability. Nevertheless, due to the seriousness of the vulnerability, it is essential to act swiftly to reduce the risk.