BDU:2025-11000 | Уязвимость программного обеспечения администрирова

BDU:2025-11000

Уязвимость программного обеспечения администрирования сети Cisco Secure Firewall Management Center (ранее Cisco Firepower Management Center), связанная с недостаточной проверкой введенных пользователем данных, позволяющая нарушителю повысить привилегии и выполнить произвольные команды

📄 Описание

Уязвимость программного обеспечения администрирования сети Cisco Secure Firewall Management Center (ранее Cisco Firepower Management Center) связана с недостаточной проверкой введенных пользователем данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, повысить привилегии и выполнить произвольные команды

🖥️ Уязвимое ПО

Cisco Systems Inc.

Наименование ПО: Firepower Threat Defense, Adaptive Security Appliance

Версия ПО: 6.2.3 (Firepower Threat Defense), 6.4.0 (Firepower Threat Defense), 6.2.3.16 (Firepower Threat Defense), 9.8.4.22 (Adaptive Security Appliance), 9.8.4.25 (Adaptive Security Appliance), 9.12.4.2 (Adaptive Security Appliance), 9.14.1.15 (Adaptive Security Appliance), 9.16.1 (Adaptive Security Appliance), 7.0.0 (Firepower Threat Defense), 7.2.0 (Firepower Threat Defense), 7.2.0.1 (Firepower Threat Defense), 9.14.1 (Adaptive Security Appliance), 9.14.1.10 (Adaptive Security Appliance), 9.14.1.19 (Adaptive Security Appliance), 9.14.1.30 (Adaptive Security Appliance), 9.14.2 (Adaptive Security Appliance), 9.14.2.4 (Adaptive Security Appliance), 9.14.2.8 (Adaptive Security Appliance), 9.14.2.13 (Adaptive Security Appliance), 9.14.2.15 (Adaptive Security Appliance), 9.14.3 (Adaptive Security Appliance), 9.14.3.1 (Adaptive Security Appliance), 9.14.3.9 (Adaptive Security Appliance), 9.14.3.13 (Adaptive Security Appliance), 9.14.3.15 (Adaptive Security Appliance), 9.14.3.18 (Adaptive Security Appliance), 6.6.0 (Firepower Threat Defense), 6.6.0.1 (Firepower Threat Defense), 6.6.1 (Firepower Threat Defense), 6.6.3 (Firepower Threat Defense), 6.6.4 (Firepower Threat Defense), 6.6.5 (Firepower Threat Defense), 6.6.5.1 (Firepower Threat Defense), 6.6.5.2 (Firepower Threat Defense), 7.0.0.1 (Firepower Threat Defense), 7.0.1 (Firepower Threat Defense), 7.0.1.1 (Firepower Threat Defense), 7.0.2 (Firepower Threat Defense), 7.0.2.1 (Firepower Threat Defense), 7.0.3 (Firepower Threat Defense), 7.0.4 (Firepower Threat Defense), 7.1.0.1 (Firepower Threat Defense), 7.1.0.2 (Firepower Threat Defense), 9.8.1 (Adaptive Security Appliance), 9.8.1.5 (Adaptive Security Appliance), 9.8.1.7 (Adaptive Security Appliance), 9.8.2 (Adaptive Security Appliance), 9.8.2.8 (Adaptive Security Appliance), 9.8.2.14 (Adaptive Security Appliance), 9.8.2.15 (Adaptive Security Appliance), 9.8.2.17 (Adaptive Security Appliance), 9.8.2.20 (Adaptive Security Appliance), 9.8.2.24 (Adaptive Security Appliance), 9.8.2.26 (Adaptive Security Appliance), 9.8.2.28 (Adaptive Security Appliance), 9.8.2.33 (Adaptive Security Appliance), 9.8.2.35 (Adaptive Security Appliance), 9.8.2.38 (Adaptive Security Appliance), 9.8.3 (Adaptive Security Appliance), 9.8.3.8 (Adaptive Security Appliance), 9.8.3.11 (Adaptive Security Appliance), 9.8.3.14 (Adaptive Security Appliance), 9.8.3.16 (Adaptive Security Appliance), 9.8.3.18 (Adaptive Security Appliance), 9.8.3.21 (Adaptive Security Appliance), 9.8.3.26 (Adaptive Security Appliance), 9.8.3.29 (Adaptive Security Appliance), 9.8.4 (Adaptive Security Appliance), 9.8.4.3 (Adaptive Security Appliance), 9.8.4.7 (Adaptive Security Appliance), 9.8.4.8 (Adaptive Security Appliance), 9.8.4.10 (Adaptive Security Appliance), 9.8.4.12 (Adaptive Security Appliance), 9.8.4.15 (Adaptive Security Appliance), 9.8.4.17 (Adaptive Security Appliance), 9.14.3.11 (Adaptive Security Appliance), 9.14.4.6 (Adaptive Security Appliance), 9.14.4 (Adaptive Security Appliance), 9.14.4.7 (Adaptive Security Appliance), 9.14.4.12 (Adaptive Security Appliance), 9.16.3 (Adaptive Security Appliance), 9.16.3.3 (Adaptive Security Appliance), 9.16.3.14 (Adaptive Security Appliance), 9.17.1 (Adaptive Security Appliance), 9.17.1.7 (Adaptive Security Appliance), 9.17.1.9 (Adaptive Security Appliance), 9.17.1.10 (Adaptive Security Appliance), 9.17.1.11 (Adaptive Security Appliance), 9.17.1.13 (Adaptive Security Appliance), 9.17.1.15 (Adaptive Security Appliance), 9.18.1 (Adaptive Security Appliance), 6.6.7 (Firepower Threat Defense), 9.16.1.28 (Adaptive Security Appliance), 9.16.2 (Adaptive Security Appliance), 9.16.2.3 (Adaptive Security Appliance), 9.16.2.7 (Adaptive Security Appliance), 9.16.2.11 (Adaptive Security Appliance), 9.16.2.13 (Adaptive Security Appliance), 9.16.2.14 (Adaptive Security Appliance), 9.16.3.15 (Adaptive Security Appliance), 9.16.3.19 (Adaptive Security Appliance), 9.16.3.23 (Adaptive Security Appliance), 9.16.4 (Adaptive Security Appliance), 9.16.4.9 (Adaptive Security Appliance), 9.17.1.20 (Adaptive Security Appliance), 9.18.1.3 (Adaptive Security Appliance), 9.18.2 (Adaptive Security Appliance), 9.18.2.5 (Adaptive Security Appliance), 9.18.2.7 (Adaptive Security Appliance), 9.19.1 (Adaptive Security Appliance), 7.0.5 (Firepower Threat Defense), 7.1.0.3 (Firepower Threat Defense), 7.2.1 (Firepower Threat Defense), 7.2.2 (Firepower Threat Defense), 7.2.3 (Firepower Threat Defense), 7.3.0 (Firepower Threat Defense), 7.3.1 (Firepower Threat Defense), 7.3.1.1 (Firepower Threat Defense), 7.2.4 (Firepower Threat Defense), 9.8.4.20 (Adaptive Security Appliance), 9.8.4.26 (Adaptive Security Appliance), 9.8.4.29 (Adaptive Security Appliance), 9.12.1 (Adaptive Security Appliance), 9.12.1.2 (Adaptive Security Appliance), 9.12.1.3 (Adaptive Security Appliance), 9.12.2 (Adaptive Security Appliance), 9.12.2.1 (Adaptive Security Appliance), 9.12.2.4 (Adaptive Security Appliance), 9.12.2.5 (Adaptive Security Appliance), 9.12.2.9 (Adaptive Security Appliance), 9.12.3 (Adaptive Security Appliance), 9.12.3.2 (Adaptive Security Appliance), 9.12.3.7 (Adaptive Security Appliance), 9.12.3.9 (Adaptive Security Appliance), 9.12.4 (Adaptive Security Appliance), 9.12.4.4 (Adaptive Security Appliance), 9.12.4.7 (Adaptive Security Appliance), 9.12.4.8 (Adaptive Security Appliance), 9.12.4.10 (Adaptive Security Appliance), 9.12.4.13 (Adaptive Security Appliance), 9.12.4.18 (Adaptive Security Appliance), 9.12.4.24 (Adaptive Security Appliance), 9.12.4.26 (Adaptive Security Appliance), 9.12.4.29 (Adaptive Security Appliance), 9.12.4.30 (Adaptive Security Appliance), 9.12.4.35 (Adaptive Security Appliance), 9.14.1.6 (Adaptive Security Appliance), 9.8.4.32 (Adaptive Security Appliance), 9.8.4.33 (Adaptive Security Appliance), 9.8.4.34 (Adaptive Security Appliance), 9.8.4.35 (Adaptive Security Appliance), 9.8.4.39 (Adaptive Security Appliance), 9.8.4.40 (Adaptive Security Appliance), 9.8.4.41 (Adaptive Security Appliance), 9.8.4.43 (Adaptive Security Appliance), 9.8.4.44 (Adaptive Security Appliance), 9.8.4.45 (Adaptive Security Appliance), 9.8.4.46 (Adaptive Security Appliance), 9.8.4.48 (Adaptive Security Appliance), 9.12.3.12 (Adaptive Security Appliance), 9.12.4.37 (Adaptive Security Appliance), 9.12.4.38 (Adaptive Security Appliance), 9.12.4.39 (Adaptive Security Appliance), 9.12.4.40 (Adaptive Security Appliance), 9.12.4.41 (Adaptive Security Appliance), 9.12.4.47 (Adaptive Security Appliance), 9.12.4.48 (Adaptive Security Appliance), 9.12.4.50 (Adaptive Security Appliance), 9.12.4.52 (Adaptive Security Appliance), 9.12.4.54 (Adaptive Security Appliance), 9.12.4.55 (Adaptive Security Appliance), 9.12.4.56 (Adaptive Security Appliance), 9.14.4.13 (Adaptive Security Appliance), 9.14.4.14 (Adaptive Security Appliance), 9.14.4.15 (Adaptive Security Appliance), 9.14.4.17 (Adaptive Security Appliance), 9.14.4.22 (Adaptive Security Appliance), 9.14.4.23 (Adaptive Security Appliance), 9.16.4.14 (Adaptive Security Appliance), 9.16.4.18 (Adaptive Security Appliance), 9.17.1.30 (Adaptive Security Appliance), 9.18.2.8 (Adaptive Security Appliance), 9.18.3 (Adaptive Security Appliance), 9.19.1.5 (Adaptive Security Appliance), 9.19.1.9 (Adaptive Security Appliance), 6.2.3.3 (Firepower Threat Defense), 6.2.3.4 (Firepower Threat Defense), 6.2.3.5 (Firepower Threat Defense), 6.2.3.6 (Firepower Threat Defense), 6.2.3.7 (Firepower Threat Defense), 6.2.3.8 (Firepower Threat Defense), 6.2.3.9 (Firepower Threat Defense), 6.2.3.10 (Firepower Threat Defense), 6.2.3.11 (Firepower Threat Defense), 6.2.3.12 (Firepower Threat Defense), 6.2.3.13 (Firepower Threat Defense), 6.2.3.14 (Firepower Threat Defense), 6.2.3.15 (Firepower Threat Defense), 6.2.3.17 (Firepower Threat Defense), 6.2.3.18 (Firepower Threat Defense), 6.4.0.1 (Firepower Threat Defense), 6.4.0.2 (Firepower Threat Defense), 6.4.0.3 (Firepower Threat Defense), 6.4.0.4 (Firepower Threat Defense), 6.4.0.5 (Firepower Threat Defense), 6.4.0.6 (Firepower Threat Defense), 6.4.0.7 (Firepower Threat Defense), 6.4.0.8 (Firepower Threat Defense), 6.4.0.9 (Firepower Threat Defense), 6.4.0.10 (Firepower Threat Defense), 6.4.0.11 (Firepower Threat Defense), 6.4.0.12 (Firepower Threat Defense), 6.4.0.13 (Firepower Threat Defense), 6.4.0.14 (Firepower Threat Defense), 6.4.0.15 (Firepower Threat Defense), 6.4.0.16 (Firepower Threat Defense), 6.6.7.1 (Firepower Threat Defense), 7.1.0 (Firepower Threat Defense), 6.2.3.1 (Firepower Threat Defense), 6.2.3.2 (Firepower Threat Defense), 9.12.4.58 (Adaptive Security Appliance), 9.16.4.19 (Adaptive Security Appliance), 9.16.4.27 (Adaptive Security Appliance), 9.18.3.39 (Adaptive Security Appliance), 9.18.3.46 (Adaptive Security Appliance), 9.19.1.12 (Adaptive Security Appliance), 7.0.6 (Firepower Threat Defense), 9.16.4.38 (Adaptive Security Appliance), 9.18.3.53 (Adaptive Security Appliance), 9.18.3.55 (Adaptive Security Appliance), 9.19.1.18 (Adaptive Security Appliance), 7.2.4.1 (Firepower Threat Defense), 7.2.5 (Firepower Threat Defense), 9.12.4.62 (Adaptive Security Appliance), 9.12.4.65 (Adaptive Security Appliance), 9.16.4.39 (Adaptive Security Appliance), 9.16.4.42 (Adaptive Security Appliance), 9.16.4.48 (Adaptive Security Appliance), 9.16.4.55 (Adaptive Security Appliance), 9.17.1.33 (Adaptive Security Appliance), 9.18.3.56 (Adaptive Security Appliance), 9.18.4 (Adaptive Security Appliance), 9.18.4.5 (Adaptive Security Appliance), 9.18.4.8 (Adaptive Security Appliance), 9.19.1.22 (Adaptive Security Appliance), 9.19.1.24 (Adaptive Security Appliance), 9.19.1.27 (Adaptive Security Appliance), 9.20.1 (Adaptive Security Appliance), 9.20.1.5 (Adaptive Security Appliance), 9.20.2 (Adaptive Security Appliance), 6.4.0.17 (Firepower Threat Defense), 7.0.6.1 (Firepower Threat Defense), 7.2.5.1 (Firepower Threat Defense), 7.4.0 (Firepower Threat Defense), 7.4.1 (Firepower Threat Defense), 7.3.1.2 (Firepower Threat Defense), 6.6.7.2 (Firepower Threat Defense), 9.8.2.45 (Adaptive Security Appliance), 9.14.4.24 (Adaptive Security Appliance), 9.16.4.57 (Adaptive Security Appliance), 9.16.4.61 (Adaptive Security Appliance), 9.17.1.39 (Adaptive Security Appliance), 9.18.4.22 (Adaptive Security Appliance), 9.18.4.24 (Adaptive Security Appliance), 9.18.4.29 (Adaptive Security Appliance), 9.19.1.28 (Adaptive Security Appliance), 9.19.1.31 (Adaptive Security Appliance), 9.20.2.10 (Adaptive Security Appliance), 9.20.2.21 (Adaptive Security Appliance), 9.20.2.22 (Adaptive Security Appliance), 7.0.6.2 (Firepower Threat Defense), 7.2.5.2 (Firepower Threat Defense), 7.2.8.1 (Firepower Threat Defense), 7.4.1.1 (Firepower Threat Defense), 9.12.4.67 (Adaptive Security Appliance), 6.4.0.18 (Firepower Threat Defense), 7.2.6 (Firepower Threat Defense), 7.2.7 (Firepower Threat Defense), 9.16.4.67 (Adaptive Security Appliance), 9.16.4.70 (Adaptive Security Appliance), 9.18.4.40 (Adaptive Security Appliance), 9.20.3 (Adaptive Security Appliance), 9.16.4.62 (Adaptive Security Appliance), 9.18.4.34 (Adaptive Security Appliance), 7.2.8 (Firepower Threat Defense), 7.4.2 (Firepower Threat Defense), 9.20.3.4 (Adaptive Security Appliance), 9.20.3.7 (Adaptive Security Appliance), 9.22.1.1 (Adaptive Security Appliance), 7.4.2.1 (Firepower Threat Defense), 7.6.0 (Firepower Threat Defense), 9.16.4.71 (Adaptive Security Appliance), 9.16.4.76 (Adaptive Security Appliance), 9.16.4.82 (Adaptive Security Appliance), 9.17.1.45 (Adaptive Security Appliance), 9.17.1.46 (Adaptive Security Appliance), 9.18.4.47 (Adaptive Security Appliance), 9.18.4.50 (Adaptive Security Appliance), 9.18.4.52 (Adaptive Security Appliance), 9.18.4.53 (Adaptive Security Appliance), 9.19.1.37 (Adaptive Security Appliance), 9.19.1.38 (Adaptive Security Appliance), 9.20.3.9 (Adaptive Security Appliance), 9.20.3.10 (Adaptive Security Appliance), 9.20.3.13 (Adaptive Security Appliance), 9.22.1.3 (Adaptive Security Appliance), 9.22.1.2 (Adaptive Security Appliance), 9.22.1.6 (Adaptive Security Appliance), 9.23.1 (Adaptive Security Appliance), 7.0.6.3 (Firepower Threat Defense), 7.0.7 (Firepower Threat Defense), 7.2.9 (Firepower Threat Defense), 7.4.2.2 (Firepower Threat Defense), 7.7.0 (Firepower Threat Defense)

Тип ПО: ПО программно-аппаратного средства, ПО сетевого программно-аппаратного средства

ОС / платформа: —

⚙️ Технические сведения

Тип ошибки

Неправильная обработка разделителей выражений/команд (CWE-146)

Класс уязвимости

Уязвимость кода

Дата выявления

10.10.2024

Способ эксплуатации

Злоупотребление функционалом

Способ устранения

Обновление программного обеспечения

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Устранение

Уязвимость устранена

📊 CVSS

CVSS 2.0

AV:L/AC:L/Au:S/C:C/I:C/A:N

CVSS 3.0

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

⚠️ Уровень опасности

Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6,2)
Средний уровень опасности (базовая оценка CVSS 3.1 составляет 6)

🔗 Источники и меры

🔗 https://www.cve.org/CVERecord?id=CVE-2025-20237

🏷️ Идентификаторы

CVE-2025-20237, VulDB ID:320190

📅 Даты

Дата публикации

12.09.2025

Последнее обновление

12.09.2025

← Назад к списку

Детали уязвимости