.webp)
Summary
A critical vulnerability has been identified for the Cisco Firepower Management Center (FMC) Software known as CVE-2023-20048, CVSS score 9.9. It can allow for an authenticated, remote attacker to execute unauthorized configuration commands on a firepower threat defense device managed by this software. To exploit this vulnerability, an attacker would need valid credentials on the FMC software.
Impact Assessment
This vulnerability impacts critical network infrastructure for security purposes. If exploited, it can allow configuration changes on a firewall device. However, this vulnerability does require valid credentials on the Firepower Management Center software. This vulnerability affects Cisco products if they are running a vulnerable version of Cisco FMC software. It has been confirmed that the Adaptive Security Appliance Software, FTD Software, and Next-Generation Intrusion Prevention System Software are not subject to this vulnerability.
What it means for you
If you or your organization utilizes Cisco appliances that use or are compatible with the Firepower Management Center Software, it is paramount to update as soon as possible.
Remediation
There is an update available to remediate this vulnerability. Cisco has not provided vulnerable version numbers in their security advisory; however, they have provided a tool to cross reference a current release number that the software is running at to check for vulnerabilities. Please see the advisory on information on how to patch this vulnerability on your affected software.
Business Implications
Exploitation of this vulnerability result in reputational loss as well as possible monetary loss as a result of threat actor action. Due to this vulnerability being prevented by not supplying valid credentials to the FMC software, this will expose a poor security posture if exploited.
Access Point Technology Recommends
Patch – We recommend auditing your network devices to check for any Cisco Firepower Management Center Software installations and remediate this vulnerability through a security update.
Ensure proper access control – This vulnerability can be prevented from being exploited by not supplying the attacker with valid credentials to the FMC software. Ensure your organization knowns who has access to these credentials and attempt to use authentication alongside this software.
.jpg)
