Cisco firewalls vulnerable to remote takeover

By

Critical vulnerability patched.

Cisco has scrambled to fix a serious vulnerability in its Adaptive Security Appliances and Next-Generation Firewalls products which can be used to remotely take over and reboot the devices.

Cisco firewalls vulnerable to remote takeover

Unauthenticated remote attackers can exploit a bug in the internet key exchange (IKE) version 1 and 2 protocol code running on Cisco ASA software, and trigger a buffer overflow.

IKE is used to authenticate connections and to set up secure virtual private networks, landing on the firewalls.

Security researchers David Barksdale, Jordan Gruskovnjak and Alex Wheeler said the algorithm for reassembling fragmented IKE payloads "contain a bounds-checking flaw that allows a heap buffer to be overflowed with attacker-controlled data".

The vulnerability can be triggered through malformed user datagram protocol (UDP) packets, sent via IP versions 4 and 6 traffic.

"An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system," Cisco warned.

"An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system."

An attacker would have to send the traffic directly to the vulnerable devices, which affects systems that are configured in routed firewall mode only, and in single or multiple context mode.

ASA software in the following Cisco products are affected by the vulnerability:

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next-Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Firepower 9300 ASA Security Module
  • Cisco ISA 3000 Industrial Security Appliance

Cisco has rated the flaw as the most severe and advised users to update any devices as soon as possible.

Users on Cisco ASA major release 7.2, 8.2, 8.3, 8.6 are affected, with the vendor suggesting they migrate to patched releases 9.1(7) or later.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
asabugciscofirewallsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?