Cisco has patched a critical vulnerability, CVE-2019-16028, in the web-based management interface of Cisco Firepower Management Center (FMC). An unauthenticated, remote attacker could bypass authentication and execute arbitrary code on affected FMC devices.
The Cisco security patch is rated Critical severity and was released on January 22, 2020.
“The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device,” Cisco stated in the advisory.
As a result, a remote attacker could exploit the vulnerability and gain administrative access to the web-based management interface of the affected device.
Cisco is not aware of any public exploits of this vulnerability. In addition, the company confirmed that the issue does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software.
Organizations should apply the necessary software updates as soon as possible.