Security Alert (A18-10-03): Multiple Vulnerabilities in Cisco Products

Description:

Cisco released security advisories to address the vulnerabilities in Adaptive Security Appliance (ASA) software and Firepower Threat Defense (FTD) software. An attacker could exploit the vulnerabilities by sending a specially crafted command, packet, traffic stream or file to an affected system.

Affected Systems:

Cisco products running a vulnerable release of ASA software or FTD software, including:

• 3000 Series Industrial Security Appliances (ISAs)
• ASA 5500-X Series Next-Generation Firewalls
• ASA 5506-X with FirePOWER Services
• ASA 5506H-X with FirePOWER Services
• ASA 5506W-X with FirePOWER Services
• ASA 5508-X with FirePOWER Services
• ASA 5516-X with FirePOWER Services
• Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls
• Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services
• Adaptive Security Appliance (ASA) Software Releases 9.6.4, 9.8.2, and 9.9.1
• Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances
• Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances
• FirePOWER 7000 Series Appliances
• FirePOWER 8000 Series Appliances
• FirePOWER Threat Defense for Integrated Services Routers (ISRs)
• Firepower 2100 Series Security Appliances
• Firepower 4100 Series Security Appliances
• Firepower 9300 ASA Security Module
• Firepower 9300 Series Security Appliances
• Firepower Management Center
• Firepower Threat Defense
• Firepower Threat Defense (FTD) Software Release 6.2.2
• Firepower Threat Defense Virtual (FTDv)
• Industrial Ethernet 3000 Series Switches
• Next-Generation Intrusion Prevention System (NGIPS)
• Virtual Next-Generation Intrusion Prevention System (NGIPSv)

The above is only a sample list of affected systems and is not considered exhaustive. For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.

Users should contact their product support vendors for the fixes and assistance.

Impact:

Successful exploitation of the vulnerability could lead to security bypass, privilege escalation, denial of services or system reload on an affected system.

Recommendation:

Software updates for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.

Users should contact their product support vendors for the fixes and assistance.

More Information:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-ipsec-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos
https://www.hkcert.org/my_url/en/alert/18100401
https://www.us-cert.gov/ncas/current-activity/2018/10/03/Cisco-Releases-Security-Updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15399