Cisco Security Advisory: Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180129-asa1
February 2, 2018
Yet another big one. If you are using the webvpn (AnyConnect) feature, please verify whether you are vulnerable.
Snippet from the advisory:
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
Vulnerable Products
This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500 Series Adaptive Security Appliances
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- ASA 1000V Cloud Firewall
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4110 Security Appliance
- Firepower 9300 ASA Security Module
- Firepower Threat Defense Software (FTD)
I would strongly advise confirming whether your product is running a fixed release.
For more details, please refer to the Cisco advisory:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1