CVE-2016-6367
HIGH severity · CVSS 7.8 · Command injection · actively exploited (CISA KEV)
🔴 Actively exploited in the wild (CISA Known Exploited Vulnerabilities).
Added to KEV 2022-05-24. US federal agencies must patch by 2022-06-14.
Summary
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
Impact & exploitability
Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: None
Confidentiality impact: High
Integrity impact: High
Availability impact: High
Exploit probability (EPSS): 19%
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products we track (1)
Recommendation
This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.
Additional information
- NVD record
- Advisory: http://blogs.cisco.com/security/shadow-brokers
- Advisory: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
- Advisory: http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516
- Advisory: http://www.securityfocus.com/bid/92520
- Advisory: http://www.securitytracker.com/id/1036636
- Advisory: https://www.exploit-db.com/exploits/40271/
- Exploit: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip