Last week, Cisco released a security alert for customers that utilize network security devices and their corresponding software. These appliances that are configured with a clientless VPN(WebVPN) software are vulnerable to attackers that seek to gain control through commands. This would give the attacker unlimited access to the device and ultimately the protected network. The device also could potentially reload or block incoming VPN authentication requests.
This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
3000 Series Industrial Security Appliance (ISA)
ASA 5500 Series Adaptive Security Appliances
ASA 5500-X Series Next-Generation Firewalls
ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
ASA 1000V Cloud Firewall
Adaptive Security Virtual Appliance (ASAv)
Firepower 2100 Series Security Appliance
Firepower 4110 Security Appliance
Firepower 4120 Security Appliance
Firepower 4140 Security Appliance
Firepower 4150 Security Appliance
Firepower 9300 ASA Security Module
Firepower Threat Defense Software (FTD)
Cisco has released new software updates February 5th, 2018 that address this vulnerability. The only method of eliminating this threat is by applying a patch to the affected devices. In order to download the patch, Cisco states,
"Customers may only install and expect support for software versions and feature sets for which they have purchased a license....Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades."
If one of your devices is listed and you are a Managed Services client, LeeShanok will be contacting you in the near future to update your software. If you are not a Managed Services client, we can still help evaluate and patch your vulnerabilities. Contact us to schedule service.
LeeShanok takes IT security seriously and it is our duty to inform our clients about potential threats and vulnerabilities that can affect your business. LeeShanok is monitoring the current status of available updates and will continue to inform its clients of any new information. If you have any questions or need assistance with checking and updating your devices, please don't hesitate to contact us.