Cisco has released three security advisories fixing a number of vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Management Center. An authenticated local or remote attacker could exploit the vulnerabilities by invoking certain invalid commands on an affected device, or by sending crafted SNMP community strings or HTTP requests to the affected device.
> Cisco Adaptive Security Appliance (ASA) Software
> Cisco Firepower Management Center and Cisco ASA 5500-X Series with FirePOWER Services
The complete list of vulnerable systems can be found in the "Affected Products" section of each individual Cisco Security Advisory, available at:
01. Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability (applicable to version 8.4(3) and earlier)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
02. Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability (applicable to all versions)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
03. Cisco Firepower Management Center Remote Command Execution Vulnerability (applicable to versions prior to 5.3.1.2, 5.4.0.1, 5.4.1 and 6.0.0)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-fmc
Depending on the vulnerability exploited, a successful attack could cause a denial-of-service condition, a reload of a vulnerable device, or unauthorized execution of system commands with root-level privileges.
Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk. For detailed information on the available patches, please refer to the "Fixed Software" section of the corresponding security advisory on the vendor's website.
Users should contact their product support vendors for the fixes and assistance.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-fmc
https://www.hkcert.org/my_url/en/alert/16081902
https://www.us-cert.gov/ncas/current-activity/2016/08/20/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6366
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6367