1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. Cisco Firepower Threat Defense Software

CVE CVE-2020-3309 Mappings

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on as well as modify the underlying operating system of an affected device.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-3309 Cisco Firepower Threat Defense Software primary_impact T1574 Hijack Execution Flow
CVE-2020-3309 Cisco Firepower Threat Defense Software secondary_impact T1565.001 Stored Data Manipulation
CVE-2020-3309 Cisco Firepower Threat Defense Software exploitation_technique T1190 Exploit Public-Facing Application
CVE-2020-3309 Cisco Firepower Threat Defense Software exploitation_technique T1133 External Remote Services