Skip to content
CybersecurityExplore Symphony's Tech UniverseGeneral-newsCrime-and-justice

Unaddressed vulnerabilities persist in popular Cisco firewall models for extended periods

Attackers can exploit many weaknesses, enabling them to run unauthorized code, according to Rapid7 experts.

 and  Administrator
2 min read
Unaddressed vulnerabilities discovered in prevalent Cisco firewalls, persisting for extended...
Unaddressed vulnerabilities discovered in prevalent Cisco firewalls, persisting for extended periods

In a recent presentation at Black Hat USA in Las Vegas, Rapid7 researchers revealed the discovery of unpatched vulnerabilities in Cisco's Adaptive Security Appliance (ASA). These vulnerabilities, some of which have been unaddressed for years, have potentially serious implications for Cisco's customers.

The researchers identified a total of 10 vulnerabilities in Cisco firewall and network security products. Among these, five vulnerabilities have been listed by the Cybersecurity and Infrastructure Security Agency (CISA) as known exploited vulnerabilities. These vulnerabilities can allow a malicious attacker to install malicious software on Cisco ASA, effectively turning it into a Trojan horse.

Some of these vulnerabilities execute code on administrative systems connecting to ASA, while others execute code on a virtual machine hosted on the ASA-X with Firepower systems. Most of these vulnerabilities allow attackers to execute arbitrary code, posing a significant security risk.

Notably, some of the vulnerabilities discovered are linked to those released during the ShadowBrokers' dump, specifically Extrabacon and EpicBanana.

Cisco is currently tracking these vulnerabilities with three advisories and three software bug release notes. However, six of the discovered vulnerabilities have not been fully patched by Cisco after being reported in February and March.

Despite this, Cisco works in close coordination with the security community to protect its customers. The spokesperson for Cisco appreciates the collaboration with the security researchers who brought the vulnerabilities to their attention and praised Rapid7's research as very professional.

It's worth mentioning that this is not the first time Rapid7 has discovered vulnerabilities in popular network security products. Previously, they have found vulnerabilities in SonicWall firewalls and Zyxel VPN firewalls.

Interestingly, the most popular version of ASDM being used on the internet was originally released in 2017. Some ASA customers appear not to be updating their ASDM updates, potentially leaving them vulnerable to these newly discovered vulnerabilities.

Cisco has more than 300,000 security customers and more than 1 million ASA devices are deployed worldwide. It is crucial for these customers to ensure their systems are up-to-date to mitigate the risks posed by these unpatched vulnerabilities.

As always, it's essential to stay vigilant and keep your systems updated to protect against potential threats. If you are a Cisco ASA user, we recommend checking the latest advisories and updates from Cisco to ensure your system's security.

Read also:

Related

Latest