
Cisco Patches High Severity Vulnerabilities in Security Products

Cisco Patches High Severity Vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Cisco this week released security updates to address more than 30 vulnerabilities in various products, including 12 high severity flaws impacting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD).


The most important of these issues is tracked as CVE-2020-3187 (CVSS score of 9.1) and could be exploited to conduct directory traversal attacks and then read or delete sensitive files on a vulnerable system. 

The issue, Cisco explains, resides in the lack of proper input validation of the HTTP URL, thus allowing an attacker to send a crafted HTTP request that includes directory traversal character sequences. Files that are deleted abusing this flaw are restored when the device is reloaded after exploitation.

“The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files,” Cisco explains. 
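The flaw described above is a classic case of a web front end accepting directory traversal sequences in the request path. The following detector, an added example that is not code from the article or from Cisco, shows the check a defender would run over web server or proxy access logs: percent-decode the request target (including a second round for double-encoded input), normalize backslashes, and flag any request whose path contains a `..` segment, noting separately whether the sequence would climb above the web root. The log lines and IP addresses are constructed for the example; the log format (Common Log Format) and the two-round decoding limit are assumptions.

```python
import re
from urllib.parse import unquote

# Common Log Format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Constructed sample log lines (not real traffic); 192.0.2.0/24 is a documentation range.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2020:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2020:10:00:02 +0000] "GET /files/..%2f..%2fconfig.txt HTTP/1.1" 404 0',
    '192.0.2.12 - - [01/Jan/2020:10:00:03 +0000] "GET /files/%252e%252e/secret HTTP/1.1" 404 0',
    '192.0.2.13 - - [01/Jan/2020:10:00:04 +0000] "GET /docs/a/../b.html HTTP/1.1" 200 100',
    '192.0.2.14 - - [01/Jan/2020:10:00:05 +0000] "DELETE /files/..%5c..%5cnotes.txt HTTP/1.1" 403 0',
]


def normalize_path(target, max_rounds=2):
    """Strip the query string, percent-decode up to max_rounds times
    (catches double-encoded input such as %252e), and fold backslashes
    to forward slashes so '..\\' is treated like '../'."""
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_traversal(target):
    """True if the normalized path contains a '..' segment at all."""
    return ".." in normalize_path(target).split("/")


def escapes_root(path):
    """True if walking the (already normalized) path would climb above
    the web root, i.e. more '..' segments than preceding real segments."""
    depth = 0
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def scan_log(lines):
    """Return (client_ip, raw_target, escapes_root) for every request whose
    path contains a traversal sequence after normalization."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse as CLF
        target = m.group("target")
        if has_traversal(target):
            hits.append((m.group("ip"), target, escapes_root(normalize_path(target))))
    return hits


if __name__ == "__main__":
    for ip, target, escaped in scan_log(SAMPLE_LOG):
        print(f"{ip} {target} escapes_root={escaped}")
```

The distinction between "contains `..`" and "escapes the root" matters in practice: `/docs/a/../b.html` is legitimate relative navigation that many clients emit, while a path that resolves above the root is the pattern to alert on. Decoding before matching is what defeats `%2f`, `%5c` and double-encoded variants that a naive substring match on `../` would miss.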

Cisco has released software updates that fix the vulnerability: ASA Software Releases 9.6.4.40, 9.8.4.15, 9.9.2.66, 9.10.1.37, 9.12.3.2, and 9.13.1.7; and FTD Software Releases 6.4.0.8 and 6.5.0.4 (the future releases 6.2.3.16 and 6.3.0.6 will also include the patches).
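A practical follow-up to a list of fixed releases like the one above is checking a fleet's running versions against it. The script below is an added example, not Cisco's tooling and not part of the article; it takes the fixed ASA and FTD releases quoted in the text, keys each on its release train (assumed here to be the first two version components, e.g. 9.8), and reports whether a given running version is at or above the fixed release for its train. Versions whose train does not appear in the list are reported as unknown rather than guessed at; the advisory itself is the authority for those.

```python
# Fixed releases as quoted in the article for CVE-2020-3187.
FIXED_ASA = ["9.6.4.40", "9.8.4.15", "9.9.2.66", "9.10.1.37", "9.12.3.2", "9.13.1.7"]
FIXED_FTD = ["6.4.0.8", "6.5.0.4"]


def parse_version(version):
    """Turn '9.8.4.15' into (9, 8, 4, 15) so comparisons are numeric.
    String comparison would wrongly rank '9.8.4.15' below '9.8.4.2'."""
    return tuple(int(part) for part in version.strip().split("."))


def fixed_release_for(version, fixed_list):
    """Return the fixed release on the same train (assumption: train =
    first two components), or None if the train is not in the list."""
    train = parse_version(version)[:2]
    for fixed in fixed_list:
        if parse_version(fixed)[:2] == train:
            return fixed
    return None


def assess(version, fixed_list):
    """'patched' if version >= fixed release for its train, 'vulnerable'
    if below it, 'unknown' if the train has no entry in fixed_list."""
    fixed = fixed_release_for(version, fixed_list)
    if fixed is None:
        return "unknown"
    return "patched" if parse_version(version) >= parse_version(fixed) else "vulnerable"


def assess_inventory(inventory):
    """inventory: list of (hostname, product, version) with product 'ASA' or 'FTD'.
    Returns {hostname: status}."""
    lists = {"ASA": FIXED_ASA, "FTD": FIXED_FTD}
    return {host: assess(ver, lists[product]) for host, product, ver in inventory}


if __name__ == "__main__":
    # Constructed inventory; hostnames and versions are illustrative only.
    sample = [
        ("fw-edge-1", "ASA", "9.8.4.10"),
        ("fw-edge-2", "ASA", "9.12.3.2"),
        ("fw-dc-1", "FTD", "6.4.0.7"),
        ("fw-lab", "ASA", "9.4.4.1"),
    ]
    for host, status in assess_inventory(sample).items():
        print(f"{host}: {status}")
```

The numeric tuple comparison is the part worth copying: interim build numbers regularly exceed one digit, and a sort or comparison done on the raw strings will silently mark a patched device as vulnerable, or worse, the reverse.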

The company also addressed denial of service bugs in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler (CVE-2020-3283), VPN System Logging functionality (CVE-2020-3189), and generic routing encapsulation (GRE) tunnel decapsulation feature (CVE-2020-3179) of FTD, and in the DNS over IPv6 packet processing (CVE-2020-3191), Media Gateway Control Protocol (MGCP) inspection feature (CVE-2020-3254), SSL/TLS handler (CVE-2020-3196), and Open Shortest Path First (OSPF) implementation (CVE-2020-3298) of ASA and FTD.


Other high risk flaws patched this week include an authentication bypass residing in the Kerberos authentication feature of ASA (CVE-2020-3125), information disclosure in the web services interface of ASA and FTD (CVE-2020-3259), and a memory leak in the Open Shortest Path First (OSPF) implementation in ASA and FTD (CVE-2020-3195).

Cisco has released software updates that fix these vulnerabilities, but complete patches are not available for all of the impacted products. The company says it is not aware of the existence of public exploits for these issues, or of attackers targeting them in the wild. 

In addition to these flaws, Cisco published advisories for 23 medium-severity vulnerabilities in FTD On-Box software, Umbrella, Integrated Management Controller (IMC) Supervisor, UCS Director, UCS Director Express for Big Data, FTD, Content Security Management Appliance (SMA), Hosted Collaboration Mediation Fulfillment (HCM-F), ASA, Firepower Management Center (FMC), and Firepower User Agent.

These flaws include XML parsing, carriage return line feed (CRLF) injection, disabling of user accounts, SSL/TLS URL category bypass, bypass of configured file policies, open redirect, signature checks bypass, XML external expansion, shell access, denial of service, information disclosure, access list bypass, cross-site scripting (XSS), static credential, arbitrary file overwrite, and arbitrary log file write issues.  

Full details on all of these vulnerabilities are available on Cisco’s support website.

Related: Cisco Patches Critical Vulnerability in Network Security Tool

Related: Cisco DCNM Users Warned of Serious Vulnerabilities

Related: Cisco Discovery Protocol Flaws Expose Tens of Millions of Devices to Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
