Cisco ASA Buffer Overflow Vulnerability
On February 10th, Cisco published a security advisory about a major flaw in its ASA line of firewalls. Most of these devices in production are affected and can be completely taken over by a remote attacker. Furthermore, there is no simple mitigation for this issue: the firmware on these devices must be flashed with an updated version that has the fix built in. This means downtime for customers without a failover setup.
Due to the severity of this bug, Cisco has been releasing patched firmware to customers who call in, even if they do not have a valid support contract with Cisco. Customers in the US can call 800-553-2447 with the serial number and model number of their affected device and open a case to get the right software. In many cases, patched firmware for a customer’s specific release will not be available, and these devices will have to be upgraded to a later version. This can cause functionality to break, and the ASA will have to be reconfigured for the new version. MCS is now working with Cisco on behalf of our affected customers with active RightTrack agreements. If you are not covered, please contact MCS if you would like our engineers to take a look at your ASA.
More information about this vulnerability can be found here:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ci…