Cisco Fixes Security Device Hole

Monday, October 24, 2016 @ 08:10 AM gHale


Cisco patched a critical vulnerability in the Identity Firewall feature of Cisco ASA Software, researchers said.

The flaw, which is a buffer overflow in the affected code area, could allow a remote attacker to execute arbitrary code and obtain full control of the system.

“An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software,” the company said.

Only traffic directed to the affected system can be used to exploit it, researchers said.

The flaw affects systems configured in routed and transparent firewall mode and in single or multiple context mode. IPv4 traffic can trigger the flaw.

It is present in software running on multiple Cisco ASA security appliances, modules, virtual appliances, and firewalls, as well as the Cisco ISA 3000 Industrial Security Appliance.

The company released software updates that address the issue and a workaround for those who cannot apply the patch.

Cisco officials said they do not know of anyone exploiting the vulnerability.

The vulnerability was reported to Cisco by two researchers from Chaitin Technology.


