Info Advantage Blog

Info Advantage was formed in 1992 for the purpose of specializing in Information Technology consulting, which encompasses business solution development, software development, and platform support from IBM’s midrange to a growing number of Intel based solutions.

Newly Found Cisco Vulnerability Dubbed "Critical" Flaw

cyber-security-1923446_1920

Last week, Cisco released a high-importance alert for their customers who use its Adaptive Security Appliance (ASA) software urging them to patch a critical-level bug that could be easily exploited. This vulnerability affects the VPN feature of the software, and exploiting it could allow a hacker to force a reload of the system, or even remotely take control.

“An attacker could exploit this vulnerability by sending a crafted XML packet to a vulnerable interface on an affected system,” Cisco explains in their warning. “An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, cause a reload of the affected device or stop processing of incoming VPN authentication requests.”

If left unpatched, any devices configured with Cisco’s WebVPN software, including security applications and firewalls, could be easily bypassed by a malicious party. Due to the severity of the vulnerability Cisco has given the issue a Common Vulnerability Scoring System a Critical rating of 10 out of 10.

The following are the vulnerable products identified by Cisco:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual

Cisco notes that only those ASA devices that have the WebVPN feature enabled are vulnerable, but encourage all their users to patch their systems as soon as possible. As of now, Cisco says they are not aware of any attacks that have taken advantage of this vulnerability.

Cedric Halbronn from the NCC group explained how he was able to exploit the flaw at last weekend’s Recon Brussels conference. He detailed their use of a fuzzer, a software testing technique that injects random, invalid data into a program to see how it withstands it. The fuzzer allowed Halbronn and his team to discover and exploit the bug.

An initial patch was released at the same time as Cisco’s initial announcement of the vulnerability. A second, more complete version was released on February 5th.

“After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available.”

To make sure all of your Cisco software are up-to-date, contact the Cisco Technical Assistance Center or call Info Advantage at (585) 254-8710 to talk to a specialist.

Simple Security Tips for the Non-Technical
Why Forcing Password Changes Isn't Always the Best...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 22 February 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Support Options

  • Phone Support +

    Speak to a support team member on the phone!

    Phone: (585) 254-8710
    Fax: (585) 254-8766

  • Ticket By Email +

    Send an email to the Help Desk to create a ticket automatically and communicate with your team or any member.

    Submit A Ticket

  • Ticket By Portal +

    Create and manage tickets via our secure online Help Desk Portal. (Members Only Requires login)

    Enter Support Portal

  • 1

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security technology Tip of the Week Best Practices Privacy Current Events Productivity technology solutions Hackers malware backup Software Business Management Ransomware cloud cyber attacks Business practice Business Continuity Mobility Disaster Recovery Microsoft Innovation Hardware Network Security Computer Avoiding Downtime Internet business Efficiency Quick Tips Mobile Devices hardware solutions Office tips Business Computing Windows 10 Flexibility Laptop data breach Health Law Enforcement Passwords Education Wi-Fi cyber criminals voip email Social Operating System phone systems Identity Theft IT Communication Antivirus Humor Miscellaneous Personal Information Risk Management Mobile Computing servers Money IT Support Information Technology Office 365 Saving Money Automation data Application internet user IT Services Smartphone Facebook History Small Business Upgrade cloud capabilities byod Router cars iPhone Virtual Reality Internet Protocol Government Scalability Workplace Tips Encryption Data recovery spam Update Google Net worth emails HaaS hardware refreshes Reputation How To Microsoft Office ecommerce intel time Marketing Windows threats Search Managing Stress Hosted Solutions Alert Cybercrime Apps Wireless virtualized servers Text Messaging Video Games Recovery Battery Employer-Employee Relationship holiday business continuity plan Remote Computing ATMs Point of Sale downtime Artificial Intelligence Password Managed IT Services content Virtualization Automobile Server Software-based phone systems Legal Gadgets BDR Private Cloud Users Social Media Worker Commute VoIP right Touchpad Instant Messaging PDF Work/Life Balance Google Drive VPN computer network End of Support Telephone Systems Black Market Robot User Tips Internet Exlporer Telephony Entertainment Advertising Hosted Solution Relocation USB Smartphones

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name