
Have you patched the ASA vulnerability in your Cisco networking software?


Posted by Lewan Solutions, February 26, 2018

Cisco has disclosed an Adaptive Security Appliance (ASA) Remote Code Execution and Denial of Service vulnerability that could affect your Cisco ASA and Cisco Next-Generation Firewall platforms.

The vulnerability, CVE-2018-0101, allows a malicious individual to send specially crafted XML to your device and cause it to reboot or stop processing VPN traffic. This attack is currently being used and is not limited to lab environments.

Craig Williams, a Cisco researcher and director of outreach for Cisco's Talos security team, confirmed:

The vulnerability is due to allocating and freeing memory during the processing of the malicious XML payload. In the lab, this has also been shown to allow remote code execution to take over a device. As of yet, no one has reported a successful takeover in the real world. Even so, it’s critical to patch your devices using this advisory documentation: Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability

[Image: lewan-cisco-asa-vulnerability.png. Photo credit: Cisco]

This vulnerability affects Cisco ASA Software that is running on the following Cisco products:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual (FTDv)

Fixed release versions are:

Cisco ASA Major Release    First Fixed Release
8.x [1]                    Affected; migrate to 9.1.7.23
9.0 [1]                    Affected; migrate to 9.1.7.23
9.1                        9.1.7.23
9.2                        9.2.4.27
9.3 [1]                    Affected; migrate to 9.4.4.16
9.4                        9.4.4.16
9.5 [1]                    Affected; migrate to 9.6.4.3
9.6                        9.6.4.3
9.7                        9.7.1.21
9.8                        9.8.2.20
9.9                        9.9.1.2

[1] ASA Software releases prior to 9.1, including all 8.x releases, and ASA releases 9.3 and 9.5 have reached End of Software Maintenance. Customers should migrate to a supported release.
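As an added example (not from Cisco or the original post), the following checks an ASA software version against the first-fixed table above. It assumes the version is written as `show version` prints it, for example `9.1(7)23`; the sample output is constructed, and the check covers only the ASA trains listed in the table, not FTD.

```python
import re

# First fixed releases copied from the table above (ASA trains only, no FTD).
FIRST_FIXED = {
    "8.x": "9.1.7.23", "9.0": "9.1.7.23", "9.1": "9.1.7.23", "9.2": "9.2.4.27",
    "9.3": "9.4.4.16", "9.4": "9.4.4.16", "9.5": "9.6.4.3", "9.6": "9.6.4.3",
    "9.7": "9.7.1.21", "9.8": "9.8.2.20", "9.9": "9.9.1.2",
}
# Trains the table marks "Affected; migrate to ..." (end of software maintenance).
MIGRATE_ONLY = {"8.x", "9.0", "9.3", "9.5"}

def parse_version(text):
    """'9.1(7)23', '9.1.7.23' or '9.8(2)' -> 4-int tuple, missing parts as 0."""
    nums = [int(n) for n in re.findall(r"\d+", text)]
    if not 2 <= len(nums) <= 4:
        raise ValueError(f"unrecognised ASA version: {text!r}")
    return tuple(nums + [0] * (4 - len(nums)))

def assess(version_text):
    """Return (status, target): status is fixed, upgrade, migrate or unknown."""
    v = parse_version(version_text)
    train = "8.x" if v[0] == 8 else f"{v[0]}.{v[1]}"
    if train not in FIRST_FIXED:
        return ("unknown", None)          # train not listed on this page
    target = FIRST_FIXED[train]
    if train in MIGRATE_ONLY:
        return ("migrate", target)        # no fix on this train at all
    # Compare numerically: as strings, "9.2.4.5" would sort after "9.2.4.27".
    status = "fixed" if v >= parse_version(target) else "upgrade"
    return (status, target)

def assess_show_version(output):
    """Pull the ASA software version out of 'show version' text and assess it."""
    m = re.search(r"Adaptive Security Appliance Software Version\s+(\S+)", output)
    if not m:
        raise ValueError("no ASA software version line found")
    return assess(m.group(1))

# Constructed sample, shaped like the first lines of 'show version' (assumption).
SAMPLE = """Cisco Adaptive Security Appliance Software Version 9.2(4)5
Device Manager Version 7.6(1)
"""

if __name__ == "__main__":
    print(assess_show_version(SAMPLE))
    for ver in ("9.1(7)23", "8.4(7)", "9.8(2)", "9.9(2)"):
        print(ver, assess(ver))
```

A result of `unknown` means the train is not in this page's table, so check Cisco's advisory directly for that release.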

If you’re unsure how vulnerable your company is to this Cisco exploit, need help patching, or want to work with a managed security provider to ensure you are secure, contact us for a consultation to see how we can protect your business, your end users and your customers from a network takedown.
