Cisco released a patch for a critical security vulnerability affecting its Internet Key Exchange version 1 (IKEv1) and version 2 (IKEv2) of ASA software, the operating system that runs the company's Adaptive Security Appliance security devices. The flaw allows attackers to remotely execute code or reload affected systems and take over Adaptive Security Appliance (ASA) firewalls.
The bug, a buffer overflow, is exploited by an attacker sending data packets to the system and results in the attacker gaining full control of the system.
According to a security advisory issued by Cisco, the company's ASA devises are vulnerable if the products are used in virtual point-to-point connection and connect to the LAN-to-LAN IPsec VPN, remote access VPN using the IPsec VPN client, or Layer 2 Tunneling Protocol (L2TP)-over-IPsec VPN connections IKEv2 AnyConnect as a termination point.
The vulnerability was rated with a score of 10.0 in the Common Vulnerability Scoring System. Cisco said affected products include ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 9300 ASA Security Module, and ISA 3000 Industrial Security Appliance.
Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.
For more information click here