CVE-2024-20412

HIGH · CVSS 3.1: 8.4 · EPSS 10.7%
Published Oct 23, 2024 (1y ago) · Last Modified Jun 17, 2026 (1w ago)

Description

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

CVSS Details

Base Score: 8.4
Exploitability: 2.5
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 10.7% percentile
Exploit & Patch Status: No Known Exploit, No Patch Available

Weaknesses 2

CWE-259
CWE-798: Use of Hard-coded Credentials (Authentication)

Affected Products 44

Vendor  Product                   Version  Range
cisco   firepower_threat_defense  7.1.0    any
cisco   firepower_threat_defense  7.1.0.1  any
cisco   firepower_threat_defense  7.1.0.2  any
cisco   firepower_threat_defense  7.1.0.3  any
cisco   firepower_threat_defense  7.2.0    any
cisco   firepower_threat_defense  7.2.0.1  any
cisco   firepower_threat_defense  7.2.1    any
cisco   firepower_threat_defense  7.2.2    any
cisco   firepower_threat_defense  7.2.3    any
cisco   firepower_threat_defense  7.2.4    any
cisco   firepower_threat_defense  7.2.4.1  any
cisco   firepower_threat_defense  7.2.5    any
cisco   firepower_threat_defense  7.2.5.1  any
cisco   firepower_threat_defense  7.2.5.2  any
cisco   firepower_threat_defense  7.2.6    any
cisco   firepower_threat_defense  7.2.7    any
cisco   firepower_threat_defense  7.3.0    any
cisco   firepower_threat_defense  7.3.1    any
cisco   firepower_threat_defense  7.3.1.1  any
cisco   firepower_threat_defense  7.3.1.2  any
cisco   firepower_threat_defense  7.4.0    any
cisco   firepower_threat_defense  7.4.1    any
cisco   firepower_threat_defense  7.4.1.1  any
cisco   firepower_1000            *        any
cisco   firepower_1010            *        any
cisco   firepower_1020            *        any
cisco   firepower_1030            *        any
cisco   firepower_1040            *        any
cisco   firepower_1120            *        any
cisco   firepower_1140            *        any
cisco   firepower_1150            *        any
cisco   firepower_2100            *        any
cisco   firepower_2110            *        any
cisco   firepower_2120            *        any
cisco   firepower_2130            *        any
cisco   firepower_2140            *        any
cisco   firepower_3105            *        any
cisco   firepower_3110            *        any
cisco   firepower_3120            *        any
cisco   firepower_3130            *        any
cisco   firepower_3140            *        any
cisco   firepower_4215            *        any
cisco   firepower_4225            *        any
cisco   firepower_4245            *        any

References 1

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5 (Vendor Advisory)

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.