Cisco fixes multiple new High risk security bugs in ASA, IOS XE and Firepower products


Cisco has patched multiple new High risk vulnerabilities on Cisco Adaptive Security Appliance (ASA), IOS XE and Firepower Threat Defense (FTD) Software products.

If left unpatched, some of these vulnerabilities could allow a remote attacker to take control of an affected device or cause a denial of service (DoS).

ASA and FTD DoS vulnerabilities

On October 23, Cisco updated six of the eight High severity advisories it had published days earlier; these address denial of service (DoS) vulnerabilities in Cisco ASA and FTD Software products.

One of those DoS vulnerabilities, CVE-2020-3554, is caused by a memory exhaustion condition.

“An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device,” Cisco warned in the advisory.

In addition, another DoS vulnerability, CVE-2020-3373, stems from a flaw in the IP fragment-handling implementation of Cisco ASA and FTD.

Cisco also addressed two web services vulnerabilities (CVE-2020-3436 and CVE-2020-3304) that could also result in a DoS condition.

The final two High risk patches fixed vulnerabilities in the SSL VPN negotiation process (CVE-2020-3529) and the OSPF Version 2 (OSPFv2) implementation (CVE-2020-3528). Either of these could allow an attacker to cause an affected device to reload and crash.

Secure Boot Bypass

Cisco also fixed a Secure Boot Bypass vulnerability, CVE-2020-3458, in Cisco ASA and FTD Software for the Firepower 1000 Series and Firepower 2100 Series Appliances.

“The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots,” Cisco explained in the advisory.

IOS XE Software Arbitrary Code Execution

In addition, Cisco addressed a vulnerability, CVE-2020-3417, in IOS XE Software that could result in arbitrary code execution on the underlying OS.

“This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable,” Cisco stated.

Other Cisco vulnerabilities

Finally, Cisco also patched the following High severity bugs between October 21 and 22, 2020:

Vulnerability Description | CVE
--- | ---
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability | CVE-2020-3572
Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability | CVE-2020-27124
Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability | CVE-2020-3456
Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability | CVE-2020-3455
Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability | CVE-2020-3549
Cisco Firepower Management Center Software Denial of Service Vulnerability | CVE-2020-3499
Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability | CVE-2020-3550
Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability | CVE-2020-3563
Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability | CVE-2020-3562
Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability | CVE-2020-3533
Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability | CVE-2020-3577
Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability | CVE-2020-3571
Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability | CVE-2020-3514
Cisco Firepower Management Center Software Common Access Card Authentication Bypass Vulnerability | CVE-2020-3410

Multiple other Medium risk vulnerabilities were also addressed across a range of Cisco network products.

Check out the latest Cisco advisories as of October 23, 2020. System and network administrators should deploy the security updates to affected devices as soon as possible.
