
Cloud Vulnerability DB
A community-led vulnerabilities database
A command injection vulnerability (CVE-2020-3167) was discovered in the Command Line Interface (CLI) of Cisco FXOS Software and Cisco UCS Manager Software. The vulnerability was disclosed on February 26, 2020, affecting multiple Cisco platforms including Firepower 1000 Series, Firepower 2100 Series, Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6200 Series devices (NVD, Cisco ERP).
The vulnerability stems from insufficient input validation in the CLI. It allows an authenticated, local attacker to execute arbitrary commands on the underlying operating system by including crafted arguments to specific commands. The vulnerability has been assigned a CVSS score of 7.8 (High severity). On most affected platforms, the commands are executed with the privileges of the logged-in user, except for Cisco UCS 6400 Series Fabric Interconnects where the commands are executed with root privileges (CVE Mitre).
Successful exploitation of this vulnerability could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system. The impact is particularly severe for Cisco UCS 6400 Series Fabric Interconnects, where the injected commands are executed with root privileges, potentially leading to complete system compromise (NVD).
Cisco has addressed this vulnerability through software updates. Users are advised to update their affected systems to the latest software version that contains the fix (Cisco Advisory).
Source: This report was generated using AI