CVE-2020-3166: 
Cisco Adaptive Security Appliance (ASA) vulnerability analysis and mitigation

A vulnerability in the Command Line Interface (CLI) of Cisco FXOS Software was identified as CVE-2020-3166. The vulnerability, disclosed on February 26, 2020, allows an authenticated, local attacker to read or write arbitrary files on the underlying operating system. This security flaw affects Cisco FXOS Software and is due to insufficient input validation (Cisco Advisory, NVD).

The vulnerability stems from insufficient input validation in the CLI of Cisco FXOS Software. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. The vulnerability has been assigned a CVSS v3.1 base score of 6.7 (Medium), with the following vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. This indicates local access is required, with high privileges needed, but no user interaction is necessary (NVD).

A successful exploitation of this vulnerability could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system. This could potentially lead to unauthorized access to sensitive information, system file modification, or other security compromises (Cisco Advisory).

No workarounds are available for this vulnerability. The solution is to apply the appropriate software updates as released by Cisco (Cisco Advisory).