CNVD-2025-05985 — Vulnetix

CNVD-2025-05985 PUBLISHED CVSS 6 MEDIUM

Cisco Firepower Threat Defense（FTD）和Cisco Adaptive Security Appliance都是美国思科（Cisco）公司的产品。Cisco Firepower Threat Defense是一套提供下一代防火墙服务的统一软件。Cisco Adaptive Security Appliance是一个网络设备。用于保护各种规模的公司网络和数据中心。 Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance存在授权问题漏洞，该漏洞源于某些系统配置和可执行文件的存储和权限不安全。攻击者可利用该漏洞获得设备上的root访问权限。

Risk Scores

CVSS v3.1

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Affected Products

Vendor	Product	Versions
Cisco	Cisco Firepower Threat Defense Software	7.1.0, 7.1.0.1, 7.1.0.2
cisco	adaptive_security_appliance_software	9.18.1, 9.19.1, 9.20.1
cisco	firepower_threat_defense_software	7.1.0, 7.3.0, 7.4.0
Cisco	Cisco Adaptive Security Appliance (ASA) Software	9.19.1.22, 9.19.1.24, 9.19.1.27

Timeline

Oct 23, 2024 CVE Published
Oct 31, 2024 CVE ID Reserved

References

cisco-sa-asa-ftd-priv-esc-hBS9gnwq url

Open in Interactive Console →