Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software

Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software.

Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software.

A dozen of the security errors, all of which were addressed as part of the October 2021 ASA, FTD, and FMC Security Advisory Bundled publication, carry a high severity rating. Most of these can be exploited to achieve a denial of service (DoS) condition, some without authentication.

The most severe of the addressed vulnerabilities is CVE-2021-40116 (CVSS score of 8.6), a security error in Snort rules that could be exploited remotely, without authentication, to cause a DoS condition on an affected device.

The issue, Cisco explains, exists because of “improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.” An attacker could send crafted IP packets to exploit this flaw and cause traffic to be dropped.

The vulnerability affects only products that have Snort3 and a rule with Block with Reset or Interactive Block with Reset actions configured. All open source Snort3 project releases prior to 3.1.0.100 are vulnerable.

Another severe issue addressed this week is CVE-2021-34783 (CVSS score of 8.6), an insufficient validation of SSL/TLS messages during software-based SSL/TLS decryption. By sending crafted SSL/TLS messages, an attacker could cause the affected device to reload.

This week, Cisco also released patches for multiple vulnerabilities in the CLI of FTD, which could be exploited by a local, authenticated attacker to achieve code execution as root.

Other high-severity issues Cisco patched this week include improper error handling in the processing of SSH connections in FTD, directory traversal attack in FMC, and several bugs affecting both ASA and FTD: improper processing of SSL/TLS packets, improper input validation during the parsing of HTTPS requests, improper resource management at high connection rates, and incorrect handling of certain TCP segments.

In addition to these high-severity issues, Cisco this week patched over a dozen medium-severity security holes in ASA and FTD, including flaws that could lead to DoS conditions, the bypass of ALG or other security protections, overwrite of data with root privileges, information leak, or cross-site scripting (XSS) attacks.

Cisco says it is not aware of any of these vulnerabilities being exploited in the wild.

Patches were released for all of these vulnerabilities and, in some cases, workarounds are also available. Further information on the bugs can be found on Cisco’s security portal.

Related: Cisco Patches High-Severity Vulnerabilities in Security Appliances, Business Switches

Related: Cisco Patches Critical Vulnerabilities in IOS XE Software

Related: Cisco Patches High-Severity Security Flaws in IOS XR

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Vulnerabilities

A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.