Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco ASA Firewall Has a Wormable Problem — And a Million Installs (csoonline.com)

Posted by timothy on from the that's-web-scale dept.

itwbennett writes: Cisco has published an advisory for a vulnerability with a CVSS (Common Vulnerability Scoring System) score of 10 that was discovered by researchers from Exodus Intelligence. According to the advisory, 'a vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.' As CSO's Dave Lewis points out, 'the part of this that is most pressing is that Cisco claims that there are over a million of these deployed.'
And attackers have not been sitting on their thumbs.

1 of 78 comments (clear)

  1. Swedish Installs of ASA Are Unaffected by Anonymous Coward · · Score: 3, Funny

    The Swedish version of ASA doesn't use Internet Key Exchange (IKE). It uses

    <puts on sunglasses>

    IKEA!