How serious is CVE-2024-20358?

This vulnerability has a CVSS score of 6.7 out of 10, classified as MEDIUM severity. Proof-of-concept exploit code is publicly available, making this an active threat.

Is there exploit code available for CVE-2024-20358?

Yes, proof-of-concept exploit code for CVE-2024-20358 is publicly available on GitHub and security research platforms. This increases the risk of active exploitation.

Which products are affected by CVE-2024-20358?

CVE-2024-20358 affects cisco adaptive security appliance software. Check the full CVE details for specific version information.

How do I fix CVE-2024-20358?

To remediate CVE-2024-20358, check for security patches from cisco. Apply all available updates and security patches. If no patch is available, implement recommended workarounds or security controls to mitigate the risk.

CVE-2024-20358

Medium

|6.7

Exploit Available

Plain English Summary

AI-powered analysis for quick understanding

An attacker with administrator-level access could exploit a flaw in Cisco's security software to run any command on the device's operating system with full control. This is possible because the system doesn't properly check the contents of backup files when they are restored, allowing a maliciously crafted backup to be used for the attack.

Technical Description

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root.

CVSS Vector Analysis

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredHigh

User InteractionNone

Confidentiality ImpactHigh

Integrity ImpactHigh

Availability ImpactHigh

ScopeUnchanged

Vector String

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Resources

Search for proof-of-concept code and exploit modules

GitHub Search Exploit-DB Nuclei Templates Metasploit Vulners

Official References

NIST NVD

Est. Bounty

$966($500-$1K)

Vendor Response

Grade FPatched in 678 days

Quick Information

Published

Apr 24, 2024

almost 2 years ago

Last Modified

Mar 4, 2026

about 1 month ago

Vendor

cisco

Product

adaptive security appliance software

Related Vulnerabilities

CVE-2024-20340Medium

An attacker with a valid account on the Cisco Secure Firewall Management Center can exploit a vulnerability in its web interface to perform an SQL injection, allowing them to read sensitive database information and gain limited access to the underlying operating system. This requires the attacker to have specific roles like Security Approver or Network Admin, making it a targeted threat.

CVE-2022-20775High

An attacker with local access to the Cisco SD-WAN Software can run specially crafted commands to gain root-level control of the system, allowing them to execute any command they want. This vulnerability requires the attacker to be authenticated and have access to the command line interface.