Cisco ASA DoS vulnerability exploited in the wild
- The vulnerability was first noticed being exploited publicly back in June 2018.
- The vulnerability, CVE-2018-0296, affects the Cisco Adaptive Security Appliance (ASA) and Firepower Appliance.
A Denial-of-Service bug, CVE-2018-0296 is being actively exploited in the wild. The vulnerability was first noticed being exploited publicly back in June 2018.
About the flaw
The Vulnerability, CVE-2018-0296, affects the Cisco Adaptive Security Appliance (ASA) and Firepower Appliance. The vulnerability can be exploited by using a specially crafted URL to cause the ASA appliance to reboot or disclose unauthenticated information.
Although the security hole was patched in early June 2018, several PoC exploits have been made publicly available to abuse the vulnerability.
Cisco had initially classified the vulnerability as ‘High’ severity but recently changed its rating to ‘Critical’ after learning of more attacks.
Addressing the flaw
The networking giant has updated its advisory in September 2019 to warn customers of new attack attempts.
“This isn't a new vulnerability, but as exploitation continues to increase, customers need to be aware of the risk of both a denial-of-service or unauthenticated information disclosure. Additionally, as we head into the holidays, people take time off, but adversaries do not,” Cisco said in its blog post.
Cisco has recommended customers to validate if they are vulnerable and plan the appropriate patching/mitigations strategies to minimize both risk and impact to the organization.