Cisco Issues 'Critical' Firewall Security Vulnerability Alert For VPN Devices

Cisco Systems says it has identified a critical software security vulnerability in several of its firewalls, switches, routers and security software that could let cyber-attackers into VPN devices.

The vulnerability is in the Secure Sockets Layer VPN functionality of Cisco Adaptive Security Appliance [ASA] software, and it could allow an unauthenticated, remote attacker to cause a reload of the affected system or to execute code remotely, the company said in a security advisory this week.

The vulnerability affects 10 Cisco products, including:

• The 3000 Series Industrial Security Appliances.
• The 5500 Series Adaptive Security Appliances.
• Cisco's 5500 X-Series Next-Generation Firewalls.
• The ASA Service Module for Catalyst 6500 Series switches and 7600 Series routers.
• The ASA 1000v Cloud Firewall.
• Cisco's ASAv virtual appliance.
• The Firepower 2100 and 4110 security appliances.
• The Firepower 9300 ASA Security Module.
• Cisco's Firepower Threat Defense software.

The company said there are no workarounds to fix the vulnerability, but it has issued free software updates that it says will solve the problem.

[Related: Cisco Making Channel Investment To Push New Intent-Based Networking Software, Capabilities]

Cisco said in a statement that the advisory is "intended to help customers understand which Cisco products may be affected and assess the potential implications for their networks. Fixes are available for the affected products," and the company "is not aware of any malicious use of this vulnerability."

Bill Smeltzer, CTO at Focus Technology Solutions, a Burlington, Mass., solution provider that works with Cisco, said the vulnerability is par for the course in the modern IT era. "This is no different than what we see on a daily basis industry-wide," Smeltzer said. "Cisco has an update to address the problem. They acted fast. We always advise our clients to do any critical security patches."

Mike Girouard, EVP of sales at TekLinks, a Birmingham, Ala., cloud solution provider that works with Cisco said the vulnerability affects most of the firewalls the company has deployed in the field and its data centers.

"We plan to get the announcement out to all of our Pro Services team members so we can work to schedule patching with our clients," Girouard said. "It has affected every customer firewall in the data center, and TekLinks Managed & Cloud Services is working on patching them, and migrating others. We're all over this one."