Heart of Texas Network Consultants Blog

The Cisco Vulnerability Requires Multiple Patches

The Cisco Vulnerability Requires Multiple Patches

Virtual private networks are vulnerable to an exploit that was recently brought to light. Cisco has announced that this exploit undermines its ASA, or Adaptive Security Appliance tool. If this issue isn’t patched immediately, you could find your organization vulnerable through remote code exploitation.

This VPN bug can leverage the ASA operating system to enable hackers to breach Cisco security devices. According to Cisco, this Secure Sockets Layer (SSL) can “allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.” This means that an attacker could hypothetically gain complete access to a system and control it - a prospect that any business should see the threat in, especially where their physical security is concerned. In fact, this vulnerability has been ranked as a 10 out of 10 on the Common Vulnerability Score System, making it one of the top vulnerabilities ranked.

Granted, this vulnerability only goes into effect if WebVPN has been enabled, but that doesn’t mean that you can overlook this threat. ZDNet provides the following list of affected devices:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD).

When it was first discovered, this bug had yet to be used “in the wild,” but Cisco was aware of some attempts to change that. This exploit targeted a bug from seven years ago, with a proof of concept demonstrating the use of the exploit - or at least trying to. The proof of concept only resulted in a system crash, but that doesn’t change the fact that this vulnerability can be exploited in other ways, too.

Unfortunately, this vulnerability has now been observed in use, and worse, Cisco’s first attempt to patch it didn’t see to all considerations. As it turned out, there were more attack vectors and features that were not yet identified, as so were not addressed by the patch.

However, Cisco has now released an updated patch, which you need to implement as soon as possible. Otherwise, you are opening up your business security to greater risk. It is always a better practice to attend to known vulnerabilities post haste, as the longer your business is vulnerable, the more likely it is that someone will take advantage of that.

Furthermore, it is also crucial that you stay cognizant of any and all vulnerabilities that are present in your mission-critical software and hardware solutions. This bug is not an isolated case. Others like it have been found before, and more will certainly pop up in the future. Hackers and cybercriminals are constantly working to overcome the security features that software developers implement. It is your responsibility to ensure that you protect your business by implementing security patches and updates promptly.

Heart of Texas Network Consultants can assist you with that. We can help you ensure that your patches and updates are up-to-date, often without needing to take the time needed for an on-site visit and handling it all remotely. For more information, give us a call at (254) 848-7100.

Can You Spot the Bait in a Phishing Attack?
Tip of the Week: Which Browser Provides the Best S...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, July 18 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Risk Management Malware Chrome Backup communications Law Enforcement Current Events User Error Network Security Outsourced IT Security Google Drive Phishing Cybercrime Maintenance Mobility Best Practice Humor Business Android Printer Office 365 Gmail Facebook Internet Automation Technology Cloud Smartphones Passwords Ransomware Communication Network Application Vendor Management Privacy Bandwidth Miscellaneous Education Telephone Systems Travel Productivity Business Computing PowerPoint Information Windows 8 Innovation Disaster Recovery BDR Cost Management Bring Your Own Device IT Support Social Media Hackers Social Microsoft iPhone Router Tech Term Internet of Things Wi-Fi Hosted Solutions Data Backup Vulnerability Collaboration Office Tips Avoiding Downtime IT Services Data Two-factor Authentication Windows 10 Money Data Management Gadgets App Computer Spam Proactive IT Quick Tips Productivity Mobile Office Encryption Password Tablet Shortcut Hacking Managed IT Services Information Technology Virtualization Efficiency Google Going Green Server Microsoft Office Mobile Computing Apps Cloud Computing Saving Money Networking Mobile Devices Update Smartphone Antivirus BYOD Data Recovery Windows IT Support OneNote Save Money Tip of the Week Wireless Technology Cybersecurity Upgrade Business Management Office User Tips Wireless VoIP Lithium-ion battery The Internet of Things Hard Drives Employer-Employee Relationship Identity Theft Operating System Managed IT Applications Alert History Best Practices Data Security Business Continuity Software Health Mobile Device Management Government Remote Computing Small Business Users Hardware Search Workplace Tips Holiday Unified Threat Management Managed Service Provider WiFi USB Big Data Tech Support Browser Email Managed IT Services Windows 10 Managed Service Telephony Computers Artificial Intelligence Customer Relationship Management Laptop Marketing Unsupported Software