Home ยป Warning from Cisco: Vulnerability in Adaptive Security Appliance enables relentless hardware firewall strikes with no patches in sight.

Warning from Cisco: Vulnerability in Adaptive Security Appliance enables relentless hardware firewall strikes with no patches in sight.

Cisco has issued a warning about vulnerabilities in its Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD), which can be exploited through brute force password attacks on Cisco hardware firewalls that use these software. To successfully launch an attack, two conditions must be met: there must be at least one user with a password stored in the local database, and SSL VPN must be enabled on the system’s interface.

Security firm Rapid7’s researchers reported that this type of brute force attack has been occurring since March, targeting at least 11 organizations. The attacks focus on devices that do not have multi-factor authentication (MFA) enabled, as once the brute force attack is successful, the attackers gain access.

Currently, there is no patch available, but Cisco recommends implementing certain measures to mitigate the risk. These measures include configuring dynamic access policy (DAP) or disabling remote access VPN in some cases, as well as enforcing the use of MFA.

TLDR: Cisco has warned about vulnerabilities in its ASA and FTD software that can be exploited through brute force attacks on Cisco hardware firewalls. The attacks target devices without MFA enabled and have been ongoing since March. Cisco recommends implementing measures such as DAP and enforcing MFA to mitigate the risk.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Enhancing Organizational Security: Imbuing Google Authenticator’s Remarkable OTP Sync Features Throughout the Entire Enterprise