Cisco reports more than 35 vulnerabilities in firewall products
Cisco's ASA, Firepower and Secure Firewall Management Center have security vulnerabilities, some of which are critical. More than 35 updates are now available.
Vulnerabilities threaten Cisco devices.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
There are some critical security gaps in Cisco firewall products. The manufacturer has now published numerous security notifications with associated software updates to correct the problems.
On Cisco's overview page for vulnerability reports, the developers posted 37 reports on Thursday night, only one of which updates a report from November 2023. Three of the security reports deal with vulnerabilities classified as critical risk, eleven with high risk, 21 vulnerabilities classified as medium threat level and one further report is of an informative nature without risk assessment.
Several Cisco products affected
The vulnerabilities affect Cisco's Firepower Threat Defense software, the Secure Firewall Management Center software and Cisco's Adaptive Security Appliances. IT managers should check whether they are using vulnerable products and apply available updates or use available workarounds if necessary.
The list of security messages classified as critical or high-risk:
- Cisco Secure Firewall Management Center Software Command Injection Vulnerability CVSS 9.9, risk"critical"
- Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability CVSS 9.9, critical
- Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability CVSS 9.3, critical
- Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability CVSS 8.6, high
- Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability CVSS 8.6, high
- Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Memory Management Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software IKEv2 VPN Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability CVSS 8.6, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability CVSS 7.7, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software SNMP Denial of Service Vulnerability CVSS 7.7, high
- Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability CVSS 6.0, deviating classified as"high" risk
The other vulnerability reports can be found in Cisco's overview.
Last weekend, it became known that attackers had gained access to Cisco data in a DevHub portal. Cisco has confirmed the attack and also that data has been leaked. However, Cisco's own systems are not said to have been directly affected.
(dmk)