Cisco patches Firepower Device Manager On-Box Software RCE vulnerability

July 25, 2021

Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software. 

The Vulnerability

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, caused by insufficient sanitization of user input in specific REST API commands, could allow an authenticated, remote attacker to execute arbitrary code on the affected device.

Affected Products

The left column lists the affected versions; the right column gives the first fixed release, where one exists.

Cisco FDM On-Box Software affected version    First Fixed Release
6.3.0                                         Migrate to a fixed release.
6.4.0                                         6.4.0.12, 6.4.4
6.5.0                                         6.7.0.2
6.6.0                                         6.7.0.2
6.7.0                                         6.7.0.2
7                                             Not vulnerable.

Mitigation

For full mitigation, CYREBRO recommends updating the relevant products to the fixed versions stated in the "Affected Products" section above, either by updating within the current release or by migrating to a fixed release if no update is available for the installed one.
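Turning the advisory table into a repeatable inventory check is the practical part of the mitigation step. The script below is an added example written for this page; it is neither CYREBRO's nor Cisco's code. It encodes the affected/fixed table above and classifies each deployed FDM version as fixed, affected, not vulnerable, or not listed. The hostnames and installed versions are constructed sample data, and the rule for deciding whether an installed build is covered by a listed fix (a four-part release such as 6.4.0.12 is read as a patch on the 6.4.0 base; a three-part release such as 6.4.4 is read as covering that base and anything later) is an assumption about how the table should be interpreted, not something the advisory spells out.

```python
"""Inventory triage helper for the Cisco FDM On-Box Software advisory.

Added example (not CYREBRO's or Cisco's code). It classifies installed FDM
versions against the affected/fixed table in the advisory and reports which
devices still need an upgrade. The version-ordering rules in covered_by_fix()
and the sample inventory are assumptions made for this example.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# First fixed release(s) per affected release train, copied from the advisory table.
# An empty list means no fix exists in that train ("Migrate to a fixed release").
FIRST_FIXED: Dict[Tuple[int, int], List[str]] = {
    (6, 3): [],
    (6, 4): ["6.4.0.12", "6.4.4"],
    (6, 5): ["6.7.0.2"],
    (6, 6): ["6.7.0.2"],
    (6, 7): ["6.7.0.2"],
}
NOT_VULNERABLE_MAJOR = 7  # advisory: release 7 is not vulnerable

# Constructed sample inventory (hostname -> installed FDM version); not real devices.
SAMPLE_INVENTORY: Dict[str, str] = {
    "fdm-branch-01": "6.4.0.11",
    "fdm-branch-02": "6.4.0.12",
    "fdm-dc-01": "6.6.0",
    "fdm-dc-02": "6.7.0.2",
    "fdm-lab": "7.0.0",
}


def parse_version(text: str) -> Version:
    """'6.4.0.12' -> (6, 4, 0, 12); '6.4.4' -> (6, 4, 4); '7' -> (7,)."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected version format: {text!r}")
    return parts


def covered_by_fix(installed: Version, fixed: Version) -> bool:
    """ASSUMPTION about reading the table:
    - a four-part fixed release (6.4.0.12) is a patch on the 6.4.0 base and covers
      only installs of that same base at the same or a higher patch level;
    - a three-part fixed release (6.4.4) covers that base and every later one.
    """
    inst = installed + (0,) * (4 - len(installed))  # zero-pad to four components
    if len(fixed) == 4:
        return inst[:3] == fixed[:3] and inst[3] >= fixed[3]
    return inst[:3] >= fixed[:3]


def assess(version_text: str) -> Dict[str, str]:
    """Classify one installed version: fixed / affected / not_vulnerable / unknown."""
    v = parse_version(version_text)
    if v[0] >= NOT_VULNERABLE_MAJOR:
        return {"version": version_text, "status": "not_vulnerable", "action": "none"}
    train = (v[0], v[1] if len(v) > 1 else 0)
    if train not in FIRST_FIXED:
        return {"version": version_text, "status": "unknown",
                "action": "not listed in the advisory; confirm with the vendor"}
    fixes = FIRST_FIXED[train]
    if any(covered_by_fix(v, parse_version(f)) for f in fixes):
        return {"version": version_text, "status": "fixed", "action": "none"}
    # Conservative default: a listed train with no covering fix is treated as affected.
    action = "migrate to a fixed release" if not fixes else "upgrade to " + " or ".join(fixes)
    return {"version": version_text, "status": "affected", "action": action}


def triage(inventory: Dict[str, str]) -> List[Dict[str, str]]:
    """Return the devices that still need attention (affected or unknown), by hostname."""
    results = []
    for host in sorted(inventory):
        verdict = assess(inventory[host])
        if verdict["status"] in ("affected", "unknown"):
            results.append({"host": host, **verdict})
    return results


if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['host']:<16} {row['version']:<10} {row['status']:<10} {row['action']}")
```

The conservative default matters in practice: a version in a listed train that no listed fix explicitly covers (for instance a 6.7 build that is not a 6.7.0.x patch) is reported as affected rather than silently passed, so the operator has to confirm it against the vendor advisory before closing the ticket.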

References: Cisco Security Advisory 
