Security products of CISCO are vulnerable! Remote access is available for Attacker!

Recently, researchers found a remote code execution vulnerability in CISCO Firewalls. This vulnerability was effecting ASA (Adaptive Security Appliance) software of company. There an update has been released by CISCO to fix this vulnerability. A problem of buffer overflow was happening in IKEv1 (Internet Key Exchange) and IKEv2 code of ASA software of CISCO. The researchers said that this flaw allows an attacker to execute and reload the arbitrary code. By exploiting this flaw attacker can gain the control of system completely.

According to CISCO,” Attackers can exploit this vulnerability by using the traffic, which has been directed to the effected system. Traffic of both IPv4 and IPv6 are available for the activation of this exploit. By exploiting this vulnerability, attackers can make changes into firewall settings. These changes will help the attacker to gain the access of system. The systems which are configuring IKEv1 and IKEv2 VPN connections, have this vulnerability. Attackers sends hard coded UDP packets to vulnerable systems and after the control the system remotely.”

Three security researchers of Exodus Intelligence have found this critical vulnerability. The names of researchers are Jordan Gruskovnjak, Alex Wheeler and David Barksdale.

The CVSS (Common Vulnerability Scoring System) score of this vulnerability is 10.This vulnerability is a Critical vulnerability and has been identified as CVE-2016-1287. ASA 5500 adaptive security appliances, ASA 1000V cloud firewall, Firepower 9300 module, ASA 5500-X-next-generation firewalls, ISA 3000 industrial security appliances and many more security products, which are using ASA software of CISCO could be effected by this vulnerability.

If you are using any of the product from above, fix this vulnerability as soon as possible to protect your systems from hackers.

Source: securityweek