Remotely alerts

<< Back

CVE ID: CVE-2022-20829

Last updated: July 6, 2022, 2:28 p.m.

Severity: HIGH

Description

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.

Severity score: 10.0 Base score: 9.0 Exploitability score: 8.0 Confidentiality impact: COMPLETE Integrity impact: COMPLETE User interaction required: False Published: June 24, 2022, 4:15 p.m. Data type: CVE Data format: MITRE Assigner: psirt@cisco.com Problem type: CWE-345 Reference url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm Reference name: 20220622 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability Reference source: CISCO CVE version: 2.0 Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C Access vector: NETWORK Access complexity: LOW Authentication: SINGLE Base severity: AcInsf info: False Obtain all priviledges: False User privilege: False Other privilege: False

Remotely is a azure cloud native remote monitoring and management (RMM) software that helps users, admins, and businesses contend with the IT challenges of remote worker productivity. Remotely RMM helps organizations identify and manage security thread vulnerabilities across their organizations and networks.

The purpose of Remotely Alerts is to present CVE records in a legible way. CVE are meant to help identify, define, catalogue, and present cybersecurity vulnerability information to the public.

Are you a Microsoft MVP? Did you know that all Microsoft MVPs receive Remotely RMM for free, for life? Learn more and sign up to join the Remotely community and receive early access to Remotely RMM.