HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2012-4661

CVSS 9.0v2.0pub. 2012-10-29upd. 2026-04-29

Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522.

CVSS Vector
AV:N/AC:M/Au:N/C:C/I:P/A:C
  • Cisco 5500 Series Adaptive Security Appliance

    HW
    Cisco
    wszystkie wersje
  • Cisco 7600 Router

    HW
    Cisco
    wszystkie wersje
  • Cisco Adaptive Security Appliance Software

    OS
    Cisco
    8.3\(1\)8.3\(2\)8.48.4\(1\)8.4\(1.11\)8.4\(2\)8.4\(2.11\)8.58.5\(1\)8.5\(1.4\)8.68.6\(1\)
  • Cisco Catalyst 6500

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6503 E

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6504 E

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6506 E

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6509 E

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6509 Neb A

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6509 V E

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6513

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 6513 E

    HW
    Cisco
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEMemoryFirewall
CWE
References

Related vulnerabilities

CVE-2025-20333CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE jako root w Cisco ASA i FTD poprzez podatny serwer VPN web

CVE-2025-20363CRITICAL9.0PL ✓ten sam produkt

RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP

CVE-2024-20329CRITICAL9.9PL ✓ten sam produkt

RCE w podsystemie SSH Cisco ASA — wykonanie poleceń jako root

CVE-2020-3125CRITICAL9.8ten sam produkt

A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software cou...

CVE-2020-3187CRITICAL9.1ten sam produkt

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Fi...