{"id":2786,"date":"2021-08-09T19:11:05","date_gmt":"2021-08-09T13:41:05","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=2786"},"modified":"2021-08-09T19:11:07","modified_gmt":"2021-08-09T13:41:07","slug":"cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/","title":{"rendered":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch"},"content":{"rendered":"\n
In a Thursday security consultative update, Cisco revealed that remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher revealed last month in a zero-day that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that gives a web interface for handling Cisco Adaptive Security Appliance (ASA) firewalls and AnyConnect Security Mobility clients.<\/p><\/p>\n\n\n\n
\u201cAt the duration of publication, Cisco planned to fix the vulnerability in Cisco ASDM,\u201d the organization says in the updated advisory. \u201cCisco has not published software updates that address this vulnerability. There are no workarounds that address this vulnerability.\u201d<\/p><\/p>\n\n\n\n
The zero-day bug, addressed as CVE-2021-1585, is caused by improper signature verification for code exchanged between the ASDM and the Launcher. Prosperous exploitation could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then insert arbitrary code, as Cisco explains in the updated advisory.<\/p><\/p>\n\n\n\n
In a past release, the organization also reconstruct the list of affected ADSM software versions, from releases \u20189.16.1 and earlier\u2019 \u2013 as listed in the first advisory \u2013 to \u2018 <\/em>7.16(1.150) and earlier.\u2019<\/p><\/p>\n\n\n\n
How MiTM Attack Exploit RCE Bug?<\/strong><\/h2>\n\n\n\n
<\/figure><\/div>\n\n\n\n
\u201cA successful exploit may need the threat actor to perform a social engineering attack to assured the user to start conversation from the Launcher to the ASDM.\u201d Moreover, the organization stated that its Product Security Incident Response Team (PSIRT) is not yet aware of proof-of-concept exploits for this zero-day or threat actors exploiting it in the wild.<\/p><\/p>\n\n\n\n
Not the Initiate Rodeo<\/strong>!<\/h2>\n\n\n\n
In recent news, three months ago, Cisco fixed a six-month-old zero-day vulnerability (CVE-2020-3556) in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code.<\/p><\/p>\n\n\n\n
While Cisco PSIRT stated that the proof-of-concept exploit code was available publicly when the flaws were revealed, it also stated that there was no clue of in the wild harm. Cisco revealed the zero-day in November 2020 without security updates tracking the underlying flaws, but it did give the mitigation measures to decrease the attack surface.<\/p><\/p>\n\n\n\n
Before address this CVE-2020-3556 in May, no current exploitation was reported, likely because default VPN configurations were vulnerable to attacks and the bug could only be harmed by authenticated local attackers.<\/p><\/p>\n\n\n\n
Although, last month, threat actors urgently pounced on a Cisco ASA flaw (partially patched in October 2020 and completely addressed in April 2021), urgently after Positive Technologies\u2019 Offensive Team revealed a PoC exploit. <\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
In a Thursday security consultative update, Cisco revealed that remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher revealed last month in a zero-day that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that gives a web interface for handling Cisco Adaptive Security Appliance (ASA) […]<\/p>\n","protected":false},"author":2,"featured_media":2788,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"\n
Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"In a Thursday security consultative update, Cisco revealed that remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher revealed last month in a zero-day that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that gives a web interface for handling Cisco Adaptive Security Appliance (ASA) […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-09T13:41:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-09T13:41:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/08\/Cisco-Firewall-Manager-RCE-Flaw-is-a-zero-day-Incoming-Patch-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch\",\"datePublished\":\"2021-08-09T13:41:05+00:00\",\"dateModified\":\"2021-08-09T13:41:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\"},\"wordCount\":412,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\",\"url\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\",\"name\":\"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-08-09T13:41:05+00:00\",\"dateModified\":\"2021-08-09T13:41:07+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/","og_locale":"en_US","og_type":"article","og_title":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited","og_description":"In a Thursday security consultative update, Cisco revealed that remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher revealed last month in a zero-day that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that gives a web interface for handling Cisco Adaptive Security Appliance (ASA) […]","og_url":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-08-09T13:41:05+00:00","article_modified_time":"2021-08-09T13:41:07+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/08\/Cisco-Firewall-Manager-RCE-Flaw-is-a-zero-day-Incoming-Patch-featured-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch","datePublished":"2021-08-09T13:41:05+00:00","dateModified":"2021-08-09T13:41:07+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/"},"wordCount":412,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/","url":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/","name":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-08-09T13:41:05+00:00","dateModified":"2021-08-09T13:41:07+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/cisco-firewall-manager-rce-flaw-is-a-zero-day-incoming-patch\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Cisco: Firewall Manager RCE Flaw is a zero-day Incoming Patch"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2786"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=2786"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2786\/revisions"}],"predecessor-version":[{"id":2790,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2786\/revisions\/2790"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/2788"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=2786"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=2786"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=2786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"Cisco-Firewall-Manager-RCE-Flaw-is-a-zero-day-Incoming-Patch-image1\"](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/08\/Cisco-Firewall-Manager-RCE-Flaw-is-a-zero-day-Incoming-Patch-image1.jpg\")
<\/figure><\/div>\n\n\n\n