Overview
- Description
- A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system.
- Source
- ykramarz@cisco.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- ykramarz@cisco.com
- CWE-146
Social media
- Hype score
- Not currently trending
Cisco ASA SSH の脆弱性 CVE-2024-20329 (CVSS 9.9) が FIX:システムの完全な制御にいたる恐れ https://t.co/F6vYZpJ52R #AdaptiveSecurityAppliance #ASA #Cisco #CiscoSSH #SSH #Vulnerability
@iototsecnews
31 Oct 2024
42 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
3/6 Cisco also patched three other critical vulnerabilities: - CVE-2024-20412: Static accounts with hard-coded passwords in FTD. - CVE-2024-20424: Command injection in FMC. - CVE-2024-20329: Command injection in ASA SSH. #cybersecurity #infosec #Cisco #ASA #FTD #vulnerability
@Eth1calHackrZ
26 Oct 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💰 The Million Dollar Question! 💰 Are you vulnerable to CVE-2024-47575 or CVE-2024-20329? #Fortinet #Cisco #Citrix #Ivanti https://t.co/doqcXEqiJC
@cyberstanc
24 Oct 2024
391 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-20329 : Critical vulnerability in Cisco ASA allows remote command injection through SSH. Complete Vulnerability Details in the Blog: https://t.co/mFTrVQrsKY #PatchNOW #cybersecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach
@patchnow24x7
24 Oct 2024
218 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
6 Quotes
CVE-2024-20329: Improper Neutralization in Cisco ASA commands, 9.9 rating 🔥🔥🔥 Vuln allows an attacker to remotely use CLI via SSH and gain control of the system. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/hDmOtBsw0i #cybersecurity #vulnerability_map #cisco htt
@Netlas_io
24 Oct 2024
3357 Impressions
19 Retweets
48 Likes
24 Bookmarks
0 Replies
0 Quotes
CVE-2024-20329 (CVSS 9.9): Critical Cisco ASA SSH Flaw Allows for Complete System Takeover https://t.co/Mh0k3m8HSD
@Dinosn
24 Oct 2024
13362 Impressions
70 Retweets
213 Likes
62 Bookmarks
0 Replies
1 Quote
CVE-2024-20329 (CVSS 9.9): Critical Cisco ASA SSH Flaw Allows for Complete System Takeover Secure your network: The #SSH #vulnerability in #Cisco ASA Software could grant attackers complete system control. https://t.co/HySdWjBTSo
@the_yellow_fall
24 Oct 2024
678 Impressions
9 Retweets
10 Likes
4 Bookmarks
0 Replies
1 Quote
[CVE-2024-20329: CRITICAL] Vulnerability in Cisco ASA Software's SSH subsystem allows remote attackers to execute OS commands. Exploiting insufficient input validation poses serious cyber risks.#cybersecurity,#vulnerability https://t.co/iGJZL9wAp7 https://t.co/KZbj2cpYov
@CveFindCom
23 Oct 2024
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes