Cisco Identifies ASA & FTD Bug

by Robinson Roca
Practice Leader – Network Infrastructure

Cisco has issued several security advisories this past week for appliances running Cisco ASA software and FTD (Firepower Threat Defense) software. If exploited, one of these vulnerabilities could allow an unauthenticated remote attacker to obtain access to sensitive files on the targeted system. This bug affects Cisco ASA and FTD products running a vulnerable software version in combination with a vulnerable AnyConnect or WebVPN configuration. The combination creates the vulnerability. If you are running the affected version and plan on using IKEv2 or WebVPN, we recommend upgrading.

The advisory provides details on identifying the basic configurations for AnyConnect or WebVPN from the output of the “show running-config” CLI command. Affected devices need to be upgraded or migrated to a supported software release that includes the fix for this vulnerability.

Exploitation of this vulnerability, at a time when remote security is heavily relied on, could be detrimental to your business. Helient is actively working on upgrades for our managed services clients.

For reference, the links below point to Cisco's details on this and other vulnerabilities.

All Available Vulnerabilities:

https://tools.cisco.com/security/center/publicationListing.x

Path Traversal Vulnerability:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

How to Identify the Vulnerability:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43#affectfield

Affected Version and Configurations:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43#fixedsoftfield

If you would like additional assistance from the Helient professionals, please contact service@helient.com.