Number: AV18-025
Date: 5 February 2018
Purpose
The purpose of this advisory is to bring attention to a recently updated Cisco security advisory.
Assessment
Cisco has modified a security advisory to address a critical vulnerability in Cisco Adaptive Security Appliance (ASA) Software that could allow an unauthenticated remote attacker to cause a reload of the affected system and/or to remotely execute code.
Affected products:
- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500 Series Adaptive Security Appliances
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- ASA 1000V Cloud Firewall
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4110 Security Appliance
- Firepower 4120 Security Appliance
- Firepower 4140 Security Appliance
- Firepower 4150 Security Appliance
- Firepower 9300 ASA Security Module
- Firepower Threat Defense Software (FTD)
- FTD Virtual
CVE References: CVE-2018-0101
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1