Critical Patch Update for Cisco Adaptive Security Appliance (ASA)
Cisco has issued a warning to customers using Adaptive Security Appliance (ASA) software to patch a critical VPN vulnerability.

 

Summary from Cisco

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.

 

The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device.

 

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

 

Cerium Networks provides quality information to its customers. We rely on some outside sources and do not guarantee the accuracy or completeness of the information contained in links associated with this message.

Related Articles

A sampling of other articles you may enjoy if you liked this one.

Cerium Networks Now Holds One of Very Few Cisco ATP Contact Center Enterprise (ACCE) Authorizations!
Feb 3, 2020

Cerium Networks announced today that it has achieved the Unified Contact Center Enterprise Authorize...

Read More
Cerium Expands into Utah
Jan 17, 2020

Headquartered in Spokane, WA, Cerium Networks operates from eight offices across the Northwest, empl...

Read More
Will Technology Take My Job?
Dec 10, 2019

Will Technology Take My Job? Fueled by advances in artificial intelligence (AI), robotics, and new ...

Read More
For Emergency Support call: (877) 423-7486
For other support requests or to access your Cerium 1463° portal click here
Stay in the Know

Stay in the Know

Don't miss out on critical security advisories, industry news, and technology insights from our experts. Sign up today!

You have Successfully Subscribed!