CVE-2021-1488

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability

  • Severity Score: 6.7 (CVSS v3.1)
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: Track* (SSVC)

Descriptions

A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted upgrade package file to an affected device. A successful exploit could allow the attacker to inject commands that could be executed with root privileges on the underlying OS.

*Credits: N/A
CVSS Scores
CVSS v3.1
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High
CVSS v2
  • Attack Vector: Local
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2020-11-13 CVE Reserved
  • 2021-04-29 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-11-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | In vendor | In product | In version | In status |
|---|---|---|---|---|---|---|---|---|
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 1010 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 1120 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 1140 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 1150 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 2110 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 2120 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 2130 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.5.0 < 6.6.4 | - | Affected | Cisco | Firepower 2140 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 1010 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 1120 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 1140 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 1150 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 2110 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 2120 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 2130 | -- | Safe |
| Cisco | Firepower Threat Defense | >= 6.7.0 < 6.7.0.2 | - | Affected | Cisco | Firepower 2140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 1010 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 1120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 1140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 1150 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 2110 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 2120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 2130 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.13 < 9.13.1.21 | - | Affected | Cisco | Firepower 2140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 1010 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 1120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 1140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 1150 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 2110 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 2120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 2130 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.14 < 9.14.2.13 | - | Affected | Cisco | Firepower 2140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 1010 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 1120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 1140 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 1150 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 2110 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 2120 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 2130 | -- | Safe |
| Cisco | Adaptive Security Appliance Software | >= 9.15 < 9.15.1.10 | - | Affected | Cisco | Firepower 2140 | -- | Safe |