CVE-2024-20359 [Exploited] | Cisco Adaptive Security Appliance… Code Injection

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

EDB-ID	Source	Kind	Published	Link
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

Source

Kind

Published

Link

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	0.13%	16.86%	+16.73%
2	2026-05-22	0.19%	0.13%	-0.06%
3	2025-11-21	—	0.19%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

0.13%

16.86%

+16.73%

2026-05-22

0.19%

0.13%

-0.06%

2025-11-21

—

0.19%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.0	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:H) They need powerful rights—admin, root, or similar—before this pays off. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:N) Service keeps running; no real outage angle.	0.8	5.2	[email protected]
6.0	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:H) They need powerful rights—admin, root, or similar—before this pays off. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:N) Service keeps running; no real outage angle.	0.8	5.2	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.0

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:H): They need powerful rights—admin, root, or similar—before this pays off.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:N): Service keeps running; no real outage angle.

0.8

5.2

[email protected]

6.0

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:H): They need powerful rights—admin, root, or similar—before this pays off.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:N): Service keeps running; no real outage angle.

0.8

5.2

[email protected]

Affected software / configurations for CVE-2024-20359

References for CVE-2024-20359

URL	Tags
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h	Vendor Advisory
https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/	Exploit Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20359	US Government Resource

URL

CVE-2024-20359

CISA KEV Record for CVE-2024-20359

Public exploit references (Exploit-DB) for CVE-2024-20359

Exploit prediction scoring system (EPSS) score for CVE-2024-20359

Common vulnerability scoring system (CVSS) metrics for CVE-2024-20359

Weakness enumeration for CVE-2024-20359

Affected software / configurations for CVE-2024-20359

References for CVE-2024-20359

Vendor	Product	Version	Raw CPE
cisco	adaptive_security_appliance_software	9.8.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:::::::*
cisco	adaptive_security_appliance_software	9.8.1.5	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:::::::*
cisco	adaptive_security_appliance_software	9.8.1.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:::::::*
cisco	adaptive_security_appliance_software	9.8.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:::::::*
cisco	adaptive_security_appliance_software	9.8.2.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:::::::*
cisco	adaptive_security_appliance_software	9.8.2.14	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:::::::*
cisco	adaptive_security_appliance_software	9.8.2.15	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:::::::*
cisco	adaptive_security_appliance_software	9.8.2.17	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:::::::*
cisco	adaptive_security_appliance_software	9.8.2.20	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:::::::*
cisco	adaptive_security_appliance_software	9.8.2.24	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:::::::*
cisco	adaptive_security_appliance_software	9.8.2.26	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:::::::*
cisco	adaptive_security_appliance_software	9.8.2.28	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:::::::*
cisco	adaptive_security_appliance_software	9.8.2.33	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:::::::*
cisco	adaptive_security_appliance_software	9.8.2.35	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:::::::*
cisco	adaptive_security_appliance_software	9.8.2.38	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:::::::*
cisco	adaptive_security_appliance_software	9.8.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:::::::*
cisco	adaptive_security_appliance_software	9.8.3.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:::::::*
cisco	adaptive_security_appliance_software	9.8.3.11	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:::::::*
cisco	adaptive_security_appliance_software	9.8.3.14	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:::::::*
cisco	adaptive_security_appliance_software	9.8.3.16	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:::::::*
cisco	adaptive_security_appliance_software	9.8.3.18	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:::::::*
cisco	adaptive_security_appliance_software	9.8.3.21	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:::::::*
cisco	adaptive_security_appliance_software	9.8.3.26	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:::::::*
cisco	adaptive_security_appliance_software	9.8.3.29	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:::::::*
cisco	adaptive_security_appliance_software	9.8.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:::::::*
cisco	adaptive_security_appliance_software	9.8.4.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:::::::*
cisco	adaptive_security_appliance_software	9.8.4.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:::::::*
cisco	adaptive_security_appliance_software	9.8.4.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:::::::*
cisco	adaptive_security_appliance_software	9.8.4.10	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:::::::*
cisco	adaptive_security_appliance_software	9.8.4.12	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:::::::*
cisco	adaptive_security_appliance_software	9.8.4.15	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:::::::*
cisco	adaptive_security_appliance_software	9.8.4.17	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:::::::*
cisco	adaptive_security_appliance_software	9.8.4.20	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:::::::*
cisco	adaptive_security_appliance_software	9.8.4.22	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:::::::*
cisco	adaptive_security_appliance_software	9.8.4.25	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:::::::*
cisco	adaptive_security_appliance_software	9.8.4.26	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:::::::*
cisco	adaptive_security_appliance_software	9.8.4.29	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:::::::*
cisco	adaptive_security_appliance_software	9.8.4.32	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:::::::*
cisco	adaptive_security_appliance_software	9.8.4.33	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:::::::*
cisco	adaptive_security_appliance_software	9.8.4.34	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:::::::*
cisco	adaptive_security_appliance_software	9.8.4.35	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:::::::*
cisco	adaptive_security_appliance_software	9.8.4.39	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:::::::*
cisco	adaptive_security_appliance_software	9.8.4.40	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:::::::*
cisco	adaptive_security_appliance_software	9.8.4.41	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:::::::*
cisco	adaptive_security_appliance_software	9.8.4.43	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:::::::*
cisco	adaptive_security_appliance_software	9.8.4.44	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:::::::*
cisco	adaptive_security_appliance_software	9.8.4.45	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:::::::*
cisco	adaptive_security_appliance_software	9.8.4.46	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:::::::*
cisco	adaptive_security_appliance_software	9.8.4.48	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:::::::*
cisco	adaptive_security_appliance_software	9.12.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:::::::*
cisco	adaptive_security_appliance_software	9.12.1.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:::::::*
cisco	adaptive_security_appliance_software	9.12.1.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:::::::*
cisco	adaptive_security_appliance_software	9.12.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:::::::*
cisco	adaptive_security_appliance_software	9.12.2.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:::::::*
cisco	adaptive_security_appliance_software	9.12.2.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:::::::*
cisco	adaptive_security_appliance_software	9.12.2.5	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:::::::*
cisco	adaptive_security_appliance_software	9.12.2.9	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:::::::*
cisco	adaptive_security_appliance_software	9.12.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:::::::*
cisco	adaptive_security_appliance_software	9.12.3.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:::::::*
cisco	adaptive_security_appliance_software	9.12.3.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:::::::*
cisco	adaptive_security_appliance_software	9.12.3.9	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:::::::*
cisco	adaptive_security_appliance_software	9.12.3.12	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:::::::*
cisco	adaptive_security_appliance_software	9.12.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:::::::*
cisco	adaptive_security_appliance_software	9.12.4.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:::::::*
cisco	adaptive_security_appliance_software	9.12.4.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:::::::*
cisco	adaptive_security_appliance_software	9.12.4.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:::::::*
cisco	adaptive_security_appliance_software	9.12.4.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:::::::*
cisco	adaptive_security_appliance_software	9.12.4.10	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:::::::*
cisco	adaptive_security_appliance_software	9.12.4.13	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:::::::*
cisco	adaptive_security_appliance_software	9.12.4.18	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:::::::*
cisco	adaptive_security_appliance_software	9.12.4.24	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:::::::*
cisco	adaptive_security_appliance_software	9.12.4.26	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:::::::*
cisco	adaptive_security_appliance_software	9.12.4.29	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:::::::*
cisco	adaptive_security_appliance_software	9.12.4.30	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:::::::*
cisco	adaptive_security_appliance_software	9.12.4.35	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:::::::*
cisco	adaptive_security_appliance_software	9.12.4.37	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:::::::*
cisco	adaptive_security_appliance_software	9.12.4.38	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:::::::*
cisco	adaptive_security_appliance_software	9.12.4.39	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:::::::*
cisco	adaptive_security_appliance_software	9.12.4.40	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:::::::*
cisco	adaptive_security_appliance_software	9.12.4.41	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:::::::*