Security Advisory Archives

Cisco ASA / FTD Firewall Critical Vulnerability (CVE-2018-0101)

January 31, 2018

On January 29th 2018 Cisco published a Critical Vulnerability advisory for the Cisco ASA and FTD firewall code, that if exploited could allow an unauthenticated attacker to perform a remote reload of the device (Denial of Service) or launch a Remote Code Execution attack.

This CVE has been assigned a CVSS score of 10. CVSS is scored from 0 to 10, with 10 being the most severe rating.

This vulnerability affects the SSL VPN feature for all models of the Cisco ASA and Firepower Security appliances. In order to exploit this vulnerability the appliance must have the webvpn feature globally configured, with webvpn having at least one interface enabled in its configuration. Cisco has released software updates to address this vulnerability, and it is worth noting that there are no current workarounds available. It is highly recommended that you upgrade to latest fixed version of software for your product, as soon as possible.

UPDATE: Since our original post Cisco have performed further investigations and determined that there are now additional features and threat vectors related to VPN, HTTP and HTTPS services that are vulnerable.

Full advisory details, including how to determine if your device is vulnerable, and how to find the fixed release of software, are located at the following links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-0101

CVE Entry: CVE-2018-0101

CVSS Score: Base 10.0

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

SUBSCRIBE

Ironshare is a provider of Information and Cyber Security services.

we went with; wizard pi