Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software

Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software.

A dozen of the security errors, all of which were addressed as part of the October 2021 ASA, FTD, and FMC Security Advisory Bundled publication, carry a high severity rating. Most of these can be exploited to achieve a denial of service (DoS) condition, some without authentication.

The most severe of the addressed vulnerabilities is CVE-2021-40116 (CVSS score of 8.6), a security error in Snort rules that could be exploited remotely, without authentication, to cause a DoS condition on an affected device.

The issue, Cisco explains, exists because of “improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.” An attacker could send crafted IP packets to exploit this flaw and cause traffic to be dropped.

The vulnerability affects only products that have Snort3 and a rule with Block with Reset or Interactive Block with Reset actions configured. All open source Snort3 project releases prior to are vulnerable.

Another severe issue addressed this week is CVE-2021-34783 (CVSS score of 8.6), which stems from insufficient validation of SSL/TLS messages during software-based SSL/TLS decryption. By sending crafted SSL/TLS messages, an attacker could cause the affected device to reload.

This week, Cisco also released patches for multiple vulnerabilities in the CLI of FTD, which could be exploited by a local, authenticated attacker to achieve code execution as root.

Other high-severity issues Cisco patched this week include improper error handling in the processing of SSH connections in FTD, a directory traversal vulnerability in FMC, and several bugs affecting both ASA and FTD: improper processing of SSL/TLS packets, improper input validation during the parsing of HTTPS requests, improper resource management at high connection rates, and incorrect handling of certain TCP segments.

In addition to these high-severity issues, Cisco this week patched over a dozen medium-severity security holes in ASA and FTD, including flaws that could lead to DoS conditions, the bypass of ALG or other security protections, overwrite of data with root privileges, information leak, or cross-site scripting (XSS) attacks.

Cisco says it is not aware of any of these vulnerabilities being exploited in the wild.

Patches were released for all of these vulnerabilities and, in some cases, workarounds are also available. Further information on the bugs can be found on Cisco’s security portal.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
