Cisco Issues Updates for High-Severity Vulnerabilities in Next-Gen Firewalls
The company addressed twelve vulnerabilities that affected the Proven Firewall and Network Security Platform, along with several devices in the Cisco Firepower series.
The Adaptive Security Appliance (ASA) and Firepower Threat Defense are a couple of pieces of software used to run the Cisco ASA Family of security devices, including next-gen firewalls. It’s a complex solution, and its importance can’t be overstated when it comes to security.
One thing that stands out right away is the high security impact rating of the vulnerabilities, which meant that patches and updates had to arrive quickly.
“All of the vulnerabilities have a Security Impact Rating (SIR) of High,” reads the advisory. “Successful exploitation of the vulnerabilities could allow an attacker to cause a memory leak, disclose information, view and delete sensitive information, bypass authentication, or create a denial of service (DoS) condition on an affected device.”
“Seven of the vulnerabilities affect both Cisco ASA Software and Cisco FTD Software, one of the vulnerabilities affects Cisco ASA Software, and four of the vulnerabilities affect Cisco FTD Software,” it said.
The vulnerability with the highest rating, 9.1, was found in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. If exploited, it would have allowed an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
Such vulnerabilities tend to be a lot more dangerous than others because this kind of Internet of Things (IoT) hardware is usually the gate that offers protection, especially in corporate and industrial settings. In such situations, a single exposed piece of hardware represents a security issue that affects everything else after it.