Cisco Secuirty Advisory: Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180129-asa1
February 2, 2018
Yet another big one. For all out there that are using webvpn (anyconnect) feature please verify if you are vulnerable.
Snippet from the Advisory ID:
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
Vulnerable Products
This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500 Series Adaptive Security Appliances
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- ASA 1000V Cloud Firewall
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4110 Security Appliance
- Firepower 9300 ASA Security Module
- Firepower Threat Defense Software (FTD)
I would strongly advise to confirm if your product is running on fixed release or not.
For more details please refer to Cisco Advisory URL
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
About The Author
Bart Dworzanczyk
Bart is passionate about new technologies and their impact on our lives. He does not believe in titles or amount of certifications but positive attitude and motivation. Simply the guy that make things happen. You can reach him via Linkedin or meet him on CSGO. Currently focusing on architecting and designing custom-build hybrid cloud solutions around IaaS, DRaaS, BaaS realm.