Security News > 2021 > April > Several High-Severity Vulnerabilities Expose Cisco Firewalls to Remote Attacks
Cisco this week released patches for multiple vulnerabilities in Firepower Threat Defense software, including high-severity issues that could be exploited for arbitrary command execution or denial-of-service attacks.
An attacker able to abuse it may execute arbitrary commands as root on the underlying OS. The flaw exists because user-supplied command arguments aren't sufficiently validated, and affects Firepower 4100 and Firepower 9300 series appliances.
Remote, unauthenticated attackers could exploit this vulnerability by sending a "Crafted SSL/TLS message through an affected device." However, messages that are sent to the affected device won't trigger the bug, Cisco notes.
Affected devices include 3000 series industrial security appliances, ASA 5512-X/ASA 5515-X/ASA 5525-X/ASA 5545-X/ASA 5555-X adaptive security appliances, Firepower 1000/2100 series, and Firepower Threat Defense Virtual products.
Cisco says it is not aware of these vulnerabilities being exploited in attacks in the wild, but nonetheless recommends installing the available patches as soon as possible, to avoid possible cyber-security incidents.
Information on all of these vulnerabilities and on the patches released for them is available on Cisco's security portal.
News URL
Related news
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)