Info Advantage Blog

Info Advantage was formed in 1992 for the purpose of specializing in Information Technology consulting, which encompasses business solution development, software development, and platform support from IBM’s midrange to a growing number of Intel based solutions.

Newly Found Cisco Vulnerability Dubbed "Critical" Flaw


Last week, Cisco released a high-importance alert urging customers who use its Adaptive Security Appliance (ASA) software to patch a critical-level bug that could be easily exploited. This vulnerability affects the VPN feature of the software, and exploiting it could allow a hacker to force a reload of the system, or even remotely take control.

“An attacker could exploit this vulnerability by sending a crafted XML packet to a vulnerable interface on an affected system,” Cisco explains in their warning. “An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, cause a reload of the affected device or stop processing of incoming VPN authentication requests.”

If left unpatched, any devices configured with Cisco’s WebVPN software, including security applications and firewalls, could be easily bypassed by a malicious party. Due to the severity of the vulnerability, Cisco has given the issue a Common Vulnerability Scoring System (CVSS) rating of Critical, 10 out of 10.

The following are the vulnerable products identified by Cisco:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual

Cisco notes that only those ASA devices that have the WebVPN feature enabled are vulnerable, but encourages all its users to patch their systems as soon as possible. As of now, Cisco says it is not aware of any attacks that have taken advantage of this vulnerability.

Cedric Halbronn from NCC Group explained at last weekend’s Recon Brussels conference how he was able to exploit the flaw. He detailed their use of a fuzzer, a software testing tool that injects random, invalid data into a program to see how it withstands it. The fuzzer allowed Halbronn and his team to discover and exploit the bug.

An initial patch was released at the same time as Cisco’s initial announcement of the vulnerability. A second, more complete version was released on February 5th.

“After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available.”
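For a first-pass triage of which devices to patch first, the WebVPN condition Cisco describes can be checked against saved configurations. The sketch below is an added example, not code from Cisco or from this blog; it assumes each device's `show running-config` output has been saved as text, and the device names and configs are constructed. Because Cisco's updated notice says additional features are affected, a device this check does not flag still needs the fixed software.

```python
import re

# Constructed sample configs (not from real devices). ASA indents
# sub-mode commands by one space; top-level commands start in column 0.
SAMPLES = {
    "fw-edge-01": (
        "hostname fw-edge-01\n"
        "webvpn\n"
        " enable outside\n"
        " enable dmz\n"
        " anyconnect enable\n"
        "!\n"
    ),
    "fw-lab-02": (  # webvpn appears only inside a group-policy sub-mode
        "hostname fw-lab-02\n"
        "group-policy GP1 attributes\n"
        " webvpn\n"
        "  anyconnect keep-installer installed\n"
        "!\n"
    ),
    "fw-core-03": (  # global webvpn block present, no interface enabled
        "hostname fw-core-03\n"
        "webvpn\n"
        " anyconnect-essentials\n"
        "!\n"
    ),
}

# 'enable <nameif>' exactly one level below the global webvpn command.
ENABLE_RE = re.compile(r"^ enable\s+(\S+)")

def webvpn_interfaces(running_config):
    """Interfaces named by 'enable <nameif>' in the global webvpn block."""
    found, in_block = [], False
    for line in running_config.splitlines():
        if line and not line[0].isspace():   # a top-level command
            in_block = line.strip() == "webvpn"
            continue
        if in_block:
            m = ENABLE_RE.match(line)
            if m:
                found.append(m.group(1))
    return found

def triage(configs):
    """Map device name -> interfaces with WebVPN enabled (flagged devices only)."""
    hits = {name: webvpn_interfaces(cfg) for name, cfg in configs.items()}
    return {name: ifs for name, ifs in hits.items() if ifs}

if __name__ == "__main__":
    for device, ifs in triage(SAMPLES).items():
        print(f"{device}: WebVPN enabled on {', '.join(ifs)}, patch first")
```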

To make sure all of your Cisco software is up to date, contact the Cisco Technical Assistance Center or call Info Advantage at (585) 254-8710 to talk to a specialist.
