Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software

Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software.

Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software.

A dozen of the security errors, all of which were addressed as part of the October 2021 ASA, FTD, and FMC Security Advisory Bundled publication, carry a high severity rating. Most of these can be exploited to achieve a denial of service (DoS) condition, some without authentication.

The most severe of the addressed vulnerabilities is CVE-2021-40116 (CVSS score of 8.6), a security error in Snort rules that could be exploited remotely, without authentication, to cause a DoS condition on an affected device.

The issue, Cisco explains, exists because of “improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.” An attacker could send crafted IP packets to exploit this flaw and cause traffic to be dropped.

The vulnerability affects only products that have Snort3 and a rule with Block with Reset or Interactive Block with Reset actions configured. All open source Snort3 project releases prior to 3.1.0.100 are vulnerable.

Another severe issue addressed this week is CVE-2021-34783 (CVSS score of 8.6), an insufficient validation of SSL/TLS messages during software-based SSL/TLS decryption. By sending crafted SSL/TLS messages, an attacker could cause the affected device to reload.

Advertisement. Scroll to continue reading.

This week, Cisco also released patches for multiple vulnerabilities in the CLI of FTD, which could be exploited by a local, authenticated attacker to achieve code execution as root.

Other high-severity issues Cisco patched this week include improper error handling in the processing of SSH connections in FTD, directory traversal attack in FMC, and several bugs affecting both ASA and FTD: improper processing of SSL/TLS packets, improper input validation during the parsing of HTTPS requests, improper resource management at high connection rates, and incorrect handling of certain TCP segments.

In addition to these high-severity issues, Cisco this week patched over a dozen medium-severity security holes in ASA and FTD, including flaws that could lead to DoS conditions, the bypass of ALG or other security protections, overwrite of data with root privileges, information leak, or cross-site scripting (XSS) attacks.

Cisco says it is not aware of any of these vulnerabilities being exploited in the wild.

Patches were released for all of these vulnerabilities and, in some cases, workarounds are also available. Further information on the bugs can be found on Cisco’s security portal.

Related: Cisco Patches High-Severity Vulnerabilities in Security Appliances, Business Switches

Related: Cisco Patches Critical Vulnerabilities in IOS XE Software

Related: Cisco Patches High-Severity Security Flaws in IOS XR

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Jazz has named Sean Robinson, Rickie Goyal, Danielle Guetta, Shani Nago, and Lior Magram as VPs and Michael Calev as COO.

AJ Shipley has been appointed Chief Product Officer at CrowdStrike.

Brinqa has named Ron Dovich as Chief AI and Automation Officer, David Allen as CTO, Steve Biagioni as CFO, and James Walta as VP of Product.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.