search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.21k stars 13.99k forks source link

Module Suggestion Cisco FTD Static Credential Vulnerability CVE-2024-20412 #19616

Open FlangvikAD opened 2 weeks ago

FlangvikAD commented 2 weeks ago

Summary

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability

vysecurity commented 2 weeks ago

Cool, but what the creds?

FlangvikAD commented 2 weeks ago

Cool, but what the creds?

username is csm_processes

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5