Cisco has patched multiple new High risk vulnerabilities on Cisco Adaptive Security Appliance (ASA), IOS XE and Firepower Threat Defense (FTD) Software products.
As a result, a remote attacker could potentially exploit some of these vulnerabilities to take control of an impacted device or cause a denial of service (DoS).
ASA and FTD DoS vulnerabilities
Cisco provided new updates on October 23 for six of the eight High severity patches previously released days earlier that address denial of service (DoS) vulnerabilities in Cisco ASA and FTD Software products.
One of those DoS vulnerabilities CVE-2020-3554 is caused my a memory exhaustion condition.
“An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device,” Cisco warned in the advisory.
In addition, another DoS vulnerability CVE-2020-3373 is caused by a vulnerability in the IP fragment-handling implementation of Cisco ASA and FTD.
Cisco also addressed two web services vulnerabilities (CVE-2020-3436 and CVE-2020-3304) that could also result in a DoS condition.
The final two High risk patches fixed vulnerabilities in the SSL SSL VPN negotiation process CVE-2020-3529 and OSPF Version 2 (OSPFv2) implementation CVE-2020-3528. Each of these could also allow an attacker to exploit and cause devices to reload and crash.
Secure Boot Bypass
Cisco also fixed a Secure Boot Bypass vulnerability CVE-2020-3458 in Cisco ASA and FTD software for the Firepower 1000 Series and Firepower 2100 Series Appliances
“The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots,” Cisco explained in the advisory.
IOS XE Software Arbitrary Code Execution
To add, Cisco addressed a vulnerability CVE-2020-3417 in IOS XE Software that could result in the arbitrary code execution on the underlying OS.
“This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable,” Cisco stated.
Other Cisco vulnerabilities
Finally, Cisco also patched the following High severity bugs between October 21 and 22, 2020:
Multiple other Medium risk vulnerabilities were also addressed for multiple network products.
Check out the latest Cisco advisories as of October 23, 2020. System and Network administrators should deploy security updates to affected devices as soon as possible.