Cisco Systems released an updated advisory regarding a zero-day vulnerability, CVE-2021-1585, in its Adaptive Security Device Manager (ASDM) Launcher that results in arbitrary remote code execution (RCE) on users' operating systems. There is currently no workaround or patch released for versions 9.16.1 and earlier. ASDM is essentially a web-based GUI for managing Cisco Adaptive Security Appliance (ASA) firewalls and the Cisco AnyConnect Secure Mobility Client. Because signatures are not properly verified between the ASDM implementation and the Launcher, a man-in-the-middle (MITM) attack can be executed to inject arbitrary code, which then runs on the user's operating system with the privileges assigned to the ASDM Launcher.
By Akshay Rohatgi and Randy Pargman

About this Student Research Project

Binary Defense’s mission is