Cisco Secuirty Advisory: Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180129-asa1

Yet another big one. For all out there that are using webvpn (anyconnect) feature please verify if you are vulnerable.

Snippet from the Advisory ID:

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.

Vulnerable Products

This vulnerability affects Cisco ASA Software that is running on the following Cisco products:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)

I would strongly advise to confirm if your product is running on fixed release or not.

For more details please refer to Cisco Advisory URL




Add a Comment

Your email address will not be published.