Privilege Escalation and Malicious Library Loading Vulnerabilities in Cisco ASA Smart Tunnel Functionality

CVE-2019-1945 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory.

Learn more about our Cis Benchmark Audit For Cisco.